Security vendor Webroot has released new research reporting that nearly all (98%) companies in its survey allow employees to access their network remotely. The associated risks raise concern among one in four IT decision makers who are responsible for their company’s Web security.
In a survey of 803 IT professionals in companies with 100 to 5000 employees in the UK, US and Australia, Webroot found that 72% of UK companies now use Web 2.0 applications and online collaboration tools to do business. This growth in Web 2.0 usage is reflected in the growth of Web threats, as the research shows that eight in ten UK businesses experienced one or more attacks via the Web in 2009.
Speaking from Infosecurity Europe 2010, Gerhard Eschelbeck, chief technology officer, Webroot said: “Employees are unwittingly putting their employers at risk of the growing threat of Web-based malware, as they increasingly turn to the Internet to do business.
“Malware writers are becoming more and more adept at producing software designed to operate stealthily, and pilfer personal data including banking information and login credentials via Web sites. But we’re finding that companies are starting to develop security strategies which more stringently enforce Internet use policies supported by the implementation of Web security solutions.”
Webroot commissioned the survey to identify the weakest links in Web security and ascertain how companies are addressing these issues. The research revealed that 95% of companies prohibit access to specific Web sites or activities and 88% of companies have a formal Internet use policy. Online gambling was by far the most forbidden with 80% blocking gambling sites at work, and was particularly troublesome for IT managers in the UK?21% of UK companies reported problems via this source, compared to only 12% in the US.
Eschelbeck continued, “In the last few years, companies have begun to embrace the concept of deploying security solutions ‘in the cloud’, rather than locally, at their own premises. Security-as-a-Service, delivered with experience and expertise, can be beneficial as a cost reduction tool, stripping complexity out of any organisation, limiting capital expenditure and lowering maintenance tasks, thus bringing down operational costs.”
According to the survey, one in five SMBs have implemented Web security SaaS and one-third of companies plan to implement in 2010. By 2011, 50% of UK companies plan to implement Web security in a SaaS format.