Has the current IT landscape become too complicated for SMBs to handle and secure?
The answer may be "yes."
While all of the technologies that allow companies to be flexible in how and where they do business have been a boon to employees, a new Sophos survey of nearly 600 IT managers internationally found that SMBs are struggling to keep their IT infrastructure up-to-date and secure.
The ability to work remotely is a major factor in SMB security concerns. According to the Sophos Naked Security blog:
93% of the SMBs surveyed have at least some remote workers. On average around 20% of all employees work remotely. More than half of all respondents said that, in terms of security risks, increased remote working was a growing issue for them. While security risks are the most common issue in all countries surveyed, organizations in the United States and France were the most likely to be concerned.
But, the survey also found that there is hope on the horizon. Nearly half of the companies say they are investing in new IT technologies and improvements to the infrastructure, and 70 percent say they plan to invest more in their security efforts. Of course, when one in five companies say they've been hit with a malware attack that knocked out the network within the past year, investing more in security should be top of mind.
One result in the survey that jumped out at me was the number of companies having trouble enforcing their security policies (36 percent). Is because IT and security managers struggle to manage the network across different platforms and offices and remotely? The survey doesn't really say. I'd personally love to see a survey that looks at security policies and the enforcement of them.
The big takeaway from the survey is the need for SMBs to re-examine their IT infrastructure and how to keep remote workers and the corresponding technologies secure. And perhaps they are on the right track to do so. As Gerhard Eschelbeck, CTO at Sophos, said in statement:
Companies are reevaluating how they tackle IT security. A fragmented approach is consistently leaving networks vulnerable to attack, as new technologies such as cloud, and new devices such as mobile, require more advanced security architectures. For many, it is time to take a more holistic approach to IT security, one that ensures all elements of protection function seamlessly together.