Blog Entries

An independent study conducted by Websense Inc. shows that many small and medium sized businesses are at a greater risk of information loss than they realize. 99% of IT managers feel their company is somewhat protected from internet data loss, but only 22% feel their company is completely protected and only 20% use internet security software. It is very disheartening that 80% of all small and medium sized businesses are not taking even basic security precautions. Internet security software is inexpensive and simple to implement; if your company doesn’t have it in place, then your IT manger needs better training to help them get your company to a baseline level of internet security.

The IT managers surveyed identified the following threats as the top risks to their business:

• 74% - employees clicking on email links from unknown sources
• 53% - employees accidentally sending company email to the wrong address
• 50% - employees deliberately or accidentally accessing adult websites from work

73% of employees surveyed admitted to engaging in at least one of those behaviors, 54% admitted to more than one, and 27% admitted to engaging in all three. This clearly points to a huge lack of training. First and foremost, every company should have an acceptable internet use policy that they actively enforce. Upon employment, every person should receive training that clearly explains these policies and why they are important to keep the company’s confidential information safe. Preventing risky behaviors like these should be one of any IT manager’s top priorities.

41% of employees said they believed their IT department was protecting them from every internet security threat, and 45% said their IT department provided some protection but they weren’t sure how much. The bottom line is that most companies need better security policies in place, IT departments need to be better able to implement those policies and procedures, and employees need better training to understand what their responsibilities are to protect the company’s confidential information. If your company does not have an internal resource with the expertise to help you achieve these goals, the best step to take is to hire an outside consultant who specializes in training companies in your industry.