Author: admini

Latest research reveals the majority of IT bosses are confident about their companies’ security yet when drilling down through the findings we find a picture of disarray as companies lose track of laptops, remote access, the latest threats and the risk of employee wrong-doing.

According to findings released today, 99 percent of respondents said they are protected from threats while only three percent of European IT bosses believe they will never be 100 percent secure.

Mark Murtagh, European technical director at Websense — a provider of Web filtering and Internet securtity services which commissioned the research — said it paints a worrying picture for companies.

Eight percent of companies have no additional security in place beyond desktop antivirus and a firewall and many are being slow to react to the latest threats. Despite it being an issue which has hit the headlines in a big way over the past 12 months spyware is still getting an easy ride, with 35 percent of companies having no protection of any kind in place. And the ways in which spyware can get onto a machine continue to thrive with 56 percent of firms letting staff install and use peer-to-peer software — a common source of malicious code — and 43 percent of firms doing nothing to limit employee Web-surfing.

Furthermore 62 percent of companies are doing nothing to limit staff access to phishing sites.

And if staff decide to turn on their company and steal data or access areas of the network they shouldn’t, only 40 percent are equipped to identify them. More than two-thirds of UK IT bosses (68 percent) think laptops, which are taken home or used remotely and then plugged back into the network, pose a security risk and yet only a quarter (26 percent) are really doing anything about it. Only 21 percent believe it is the responsibility of the IT department while six percent said they don’t know who is responsible.

While 40 percent of respondents claim to audit PCs every three to six months, Murtagh believes this may amount to little more than ‘head count’ — “how many have we got and what operating system are they running?”. “Companies need to seriously audit PCs and undertake full risk assessment. I’d like to think if we did this survey again in six months I’d have some cause for optimism but there will still be a large number of companies who have failed to get a grip on their Internet security,” said Murtagh.

http://news.zdnet.co.uk/internet/security/0,39020375,39191336,00.htm

Eight-four percent of those surveyed said that the spyware problem is worse, or at best the same, as it was three months ago.

Although one would expect such results from a poll done by a vendor that sells gateway, not end-point, anti-spyware products, Gartner research director Avivah Litan seconded Blue Coat’s motion that today’s desktop defenses are not the ultimate solution for the spyware dilemma. “The lack of effectiveness comes from the fact that many [programs] are signature based,” she said, referring to the one-one-one digital fingerprints that anti-spyware, like their anti-virus cousins, must create to detect and then delete each new instance of spyware.

(It’s common, for instance, that one desktop anti-spyware product misses some spyware that rivals catch, and vice versa, the root of the advice by many experts to use multiple anti-spyware solutions.)

In fact, about one out of every eight enterprise IT managers polled said that they re-image all their spyware-infected desktops as a matter of course.

http://www.techweb.com/wire/security/159402774