Infosecurity Europe, Earls Court, London, April 27, 2010
Webroot, a leading Internet security provider for the consumer, enterprise and SMB markets, today released new research reporting that nearly all (98%) companies allow employees to access their network remotely. The associated risks raise concern among one in four IT decision makers who are responsible for their company’s Web security.
Among the key findings:
Growth in Web 2.0 usage in business reflected in the growth of Web-threats
In a survey of 803 IT professionals in companies with 100 to 5,000 employees in the United Kingdom, USA and Australia, Webroot found that 72 per cent of UK companies now use Web 2.0 applications and online collaboration tools to do business. This growth in Web 2.0 usage is reflected in the growth of Web threats, as the research shows that eight in 10 UK businesses experienced one or more attacks via the Web in 2009.
Speaking from Infosecurity Europe 2010, Gerhard Eschelbeck, chief technology officer, Webroot said, "Employees are unwittingly putting their employers at risk of the growing threat of Web-based malware, as they increasingly turn to the Internet to do business. Malware writers are becoming more and more adept at producing software designed to operate stealthily, and pilfer personal data including banking information and login credentials via Web sites. But we’re finding that companies are starting to develop security strategies which more stringently enforce Internet use policies supported by the implementation of Web security solutions."
Online gambling being the most forbidden activity at a workplace
Webroot commissioned the survey to identify the weakest links in Web security and ascertain how companies are addressing these issues. The research revealed that 95 per cent of companies prohibit access to specific Web sites or activities and 88 per cent of companies have a formal Internet use policy. Online gambling was by far the most forbidden with 80 per cent blocking gambling sites at work, and was particularly troublesome for IT managers in the UK – 21 per cent of UK companies reported problems via this source, compared to only 12 per cent in the US.
Top reasons for adopting Web SaaS
Companies generally support Internet use policies with Web security technologies. Companies that invest in Security-as-a-Service (SaaS) solutions found themselves statistically less likely to be compromised via an online attack. Simplicity (20%), effectiveness (19%) and blocking access to inappropriate sites (16%) are the top three reasons for adopting Web SaaS. The overall cost of a Web-borne attack is a fundamental reason why companies also choose SaaS. In the survey, over half of SMBs that experience Web-borne attacks had moderate or major increase in help desk time to repair damage.
Future uptake of SaaS for SMBs
Eschelbeck continued, "In the last few years, companies have begun to embrace the concept of deploying security solutions ’in the cloud’, rather than locally, at their own premises. Security-as-a-Service, delivered with experience and expertise, can be beneficial as a cost reduction tool, stripping complexity out of any organisation, limiting capital expenditure and lowering maintenance tasks, thus bringing down operational costs."
According to the survey, one in five SMBs have implemented Web security SaaS and one-third of companies plan to implement in 2010. By 2011, 50 per cent of UK companies plan to implement Web security in a SaaS format.
Webroot is exhibiting at Infosecurity Europe, Earls Court, London, on Stand F20, 27-29 April 2010.
Webroot commissioned a global study of 803 Web Security professionals in companies with 100 to 5,000 seats in Australia, the United Kingdom and the United States. The online study was fielded using Qualtrics survey software from December 15, 2009, through January 6, 2010. MarketTools and e-Rewards provided qualified respondents from their IT decision-maker panels. The results have a margin of error of +3.4 percentage points at the 95 percent level of confidence.