48% of SMBs say education key to improved network security

A new survey shows that nearly half of small companies in the United States believe that employees with a better knowledge of security issues and the part they play in a company’s IT set-up would help to improve network security, while one in four say that even management should be more aware of security issues and threats.
 
A survey of 455 IT executives in small and medium sized businesses in the US found that 48% said that awareness on security issues among employees – the “weakest link’ – was a key factor that could lead to better overall security.
 
The research carried out by polling company eMediaUSA on behalf of GFI Software, an international developer of network security, content security and messaging software, found that employees are not the only people who need to be “educated’. One in four IT executives want senior management to have a better understanding of security issues as this could have a bearing on the overall level of network security and, possibly, the range of security measures that could be implemented. Only 10% of SMBs said they would need more human resources while 12% said network security would improve if they had larger budgets.
 
The survey shows that 4 in 10 SMBs said their networks were not secure enough, with email viruses the major security threat. When asked what their major daily concerns are, 71% of respondents cited downtime and tackling security issues while 51% said user support was a daily concern.
 
From a financial perspective, the survey shows that spending on security measures was relatively low with 55% of SMBs saying they spent less than 10% of their IT budget on security. 38% said they allocated between 11% and 30% of the budget to security, while only 2% said they spent more than half of the budget on security.
 
Despite fewer resources being allocated to security, more than three quarters of respondents were satisfied (77%) and felt that their budget was enough to cover their security requirements. However, the survey also showed that just over 50% of respondents found it difficult to convince management to invest in security solutions. Only 15% said it was very easy.
 
Commenting on this finding, Mr. Muscat said that it was likely that those who found it difficult to convince management to invest in security were trying to sell to management a solution that was not in their typical shopping cart.

According to the survey, the shopping list for SMBs in the US in the coming six months includes network monitoring (31%), email management (29/%), network scanning (26%) and anti-virus (26%) solutions. 15% plan to implement endpoint security or patch management (16%) solutions in the coming six months.