US SMBs fail to recognize security threats in the workplace
Results of a recent survey showed that nearly half of small and medium-sized businesses (SMBs) in the US do not have the means to monitor or filter Internet traffic and employees’ online activity. These figures indicate that not only are these businesses lagging behind their peers, but they are also not giving internet monitoring the importance that it requires and thus downplaying the risks involved.
The research highlighted the following three points:
- SMBs are overwhelmingly more concerned about external security threats than they are about internal threats
- Few SMBs have rules or policies governing e-mail storage or retention
- Thirty-one percent (31%) allow employees to archive their own email or use PST files on a network share.
“The results pose an interesting question that SMBs should be asking themselves: If half are monitoring Internet activity in the business, why aren’t I?,” said Walter Scott, CEO of GFI Software. “Nearly half of those surveyed are lagging their peers and this indicates that they are not aware of the risks that come with uncontrolled Internet access. It is not a case of ‘big brother’ but rather one of ‘keeping alert’ and being ‘prepared’. With monitoring in place, management has a front-line view of Internet activity in the company.”
“Monitoring employees’ web activity goes beyond simply checking who is doing what online and how much time is spent browsing the Internet. Web monitoring and filtering is key to preventing malware from being downloaded and infecting the network. We also often forget that we are living in a society that is becoming increasingly litigious. Web monitoring and Web filtering give business owners the ammunition they need to counter any claims from clients or employees. It is also management’s fiduciary responsibility to have the data for when it is needed. The risks are too high for businesses today.”
“Once again, we see SMBs either ignoring or unaware of the implications of their actions. Compliance is a major issue in the US and the penalties for non-compliance can be crippling for a business, however, it is surprising, even shocking that SMBs do not have procedures in place to regulate where emails are stored and for how long. Businesses are taking too long to catch up. They need to be proactive because their business could be at stake.”