eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.
Sean Stenovich often sees his small and midsize business clients pick and choose their security solutions based on what they think they need and can afford.
The result is a security plan that covers some areas but leaves many others exposed, said Stenovich, a principal at Dallas security solutions provider M&S Technologies.
“Theyre thinking [anti-virus] protection, anti-spam software; not intrusion protection, system backups,” Stenovich said. “I feel their pain. Im a small business owner too. They have to prioritize, and they end up with gaps in their protection.”
A survey released last month by Quocirca, a United Kingdom-based research company, reveals just how common that dilemma is.
The Quocirca report, “Achieving Best Practice in IT Management for SMEs,” which is based on a poll of 241 companies with 1,000 or fewer employees, shows that less than 25 percent of SMBs are fully protected against intrusions and security vulnerabilities; most respondents said they lack the time, money and resources to be fully prepared.
Some highlights of the report include:
- 25 percent of SMBs, even some of the larger companies, lack a dedicated IT staffer.
- 75 percent of companies maintain high-speed Internet connections, but only 25 percent have checked the security of those lines in the last year.
- 30 percent have had their ability to operate affected by computer virus; 20 percent by a worm and 15 percent by a hacker.
- Less than 50 percent maintain any spyware protection.
- Between 40 percent and 80 percent of SMBs back up servers; size seemed to be the greatest indicator of whether a company would back up its servers.
- Less than 20 percent of all companies back up PCs at least once a day, even though thats where most of the work and recent data sits; less than 10 percent of the smallest companies back up PCs at least once per day.
- Industry and geography played no role in network vulnerability.