SMBs Fret Over Web 2.0 Security Risks

Social networking and Web 2.0 are two of the security headaches that are keeping IT managers at small to medium sized businesses (SMBs) awake at night, according to Internet security provider Webroot.

The data is part of a survey of 803 IT professionals in companies with 100 to 5,000 employees in the United States, the United Kingdom and Australia.

The vast majority of respondents (80 percent) said Web 2.0-based malware will be a problem in 2010. The survey found 73 percent believe Web-based threats are more difficult to manage than email-based threats.

Survey respondents identified data security and confidentiality, data loss prevention, and securing mobile and laptop users as the top three priorities for Web security in 2010. Webroot said it commissioned the survey to identify the threats security professionals most anticipate in 2010; the weakest links in Web security; and how to guard against Web-borne threats, how employees put organisations’ security at risk and how best-in-class companies are addressing these issues.

Nearly one quarter of those surveyed believe their company is very or extremely vulnerable to threats from Microsoft operating system vulnerabilities (25 percent); unpatched client-side software, such as Adobe Flash or Adobe Reader, Apple QuickTime, Microsoft Office or Sun Java (24 percent); browser vulnerabilities (24 percent); and Web 2.0 applications like Facebook or Twitter (23 percent).

About a quarter of SMBs were compromised by employees who accessed personal Webmail accounts (23 percent), used social networking sites (24 percent), used P2P networking (25 percent) or downloaded media (32 percent).

Even among respondents who said they strongly believe that their companies devote sufficient resources to protect against security threats, 60 percent reported attacks from viruses, as well as attacks from spyware (57 percent), phishing (47 percent), hacking (35 percent) and SQL injections of their Websites (32 percent). The majority (73 percent) of respondents agree that managing Web-based threats is more challenging than managing email-based threats.

Eighty-eight percent of SMBs said they have an Internet use policy, and 95 percent said they do something to enforce the policy. The most commonly reported way that companies reported they enforce policies is explaining the policy at employee orientation (69 percent) and sending reminders one or more times per year (44 percent). In addition, 56 percent of SMBs have Internet use policies against visiting social networking sites.

Gerhard Eschelbeck, chief technology officer at Webroot, said businesses of all sizes are waking up to the reality that threats lurk in new places on the Web, including Web 2.0 sites. “Among our own Web Security Service customers, we’re now seeing about half restrict employee access to social networks as a pre-emptive strike against malware infections and data compromise, as well as impacted productivity,” he explained. “Because SMBs tend to have fewer layers of protection than large enterprises, we especially encourage them to keep up with the latest threat vectors by using a service that automatically stops Web-based threats, filters Web traffic and enforces Internet use policies.”

Nathan Eddy

Nathan Eddy is a contributor to eWeek and TechWeekEurope, covering cloud and BYOD

Recent Posts

Northvolt Files For Bankruptcy Protection In US

Northvolt files for Chapter 11 bankruptcy protection in the United States, and CEO and co-founder…

1 hour ago

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

16 hours ago

Former Policy Boss At X Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

19 hours ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

20 hours ago

FTX Co-Founder Gary Wang Spared Prison

Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…

21 hours ago