Policy Getting Lost in SMB Security Shuffle

Share it on Twitter  
Share it on Facebook  
Share it on Linked in  

When it comes to security, IT managers at European SMBs are quick to blame workers for problems, according to a recent survey by vendor Websense. Yet the managers show little willingness to enforce Internet usage policies, assuming any are in place.


Sixteen percent of the the SMBs surveyed by Websense lack Internet usage policies, reports silicon.com. Twenty-three percent have such policies, but they don't require employees to commit, in writing, to following them.


These results echo those of several previous studies that show that, compared to their larger counterparts, SMBs tend to place less emphasis on security policies.


Nearly a third of the managers in the Websense survey cited employee behavior as their most frustrating security problem, followed by security not figuring highly enough on the corporate agenda and inadequate budgets.


On the worker side, European employees say that about half an hour of the two hours or so they are online daily is spent browsing non-work related sites. The managers believe the amount of time spent at non-work sites is closer to 48 minutes a day, or four hours a week.


Almost a third of employees said they needed to access sites that could present a security risk, such as free software download sites.


Internet threats aren't the only "insider" security issue with which companies of all sizes must contend. The results of another Websense survey, featured recently in InformationWeek, showed European employees admitting to a wide variety of insecure behavior, from accidentally sending out sensitive data to trying to hack into a coworker's e-mail to trying to access files that were off-limits to them.