Outdated computer usage policies combined with ageing infosecurity infrastructures are exposing firms to greater risk of breaches, finds Teneo survey

Technology Uncategorized

Leading infrastructure optimisation specialist Teneo found that UK organisations are struggling to protect themselves against data loss and systems damage because their computer usage policies have not been updated to reflect changing usage patterns at the desktop.

In addition some types of online activity have been banned completely, presumably because systems cannot provide suitable protection in case of exposure to security threats.

Nearly a quarter (22%) of businesses questioned in an online survey of IT Directors at the end of 2011, admitted that they had not updated their computer usage policies to reflect changing usage patterns (e.g. Skype, Social Network usage, private Hotmail etc).

Firms are combating risk of security breaches from interaction via social networks and other online application usage, by imposing blanket bans on access to specific types of sites from firms’ computers, the survey found:

Four out of five (81%) companies have banned online gaming sites; three-quarters (73%) have banned P2P file sharing sites; while over half (54%) have halted access to video and digital music sites such as YouTube and Spotify. However the really big surprise is that a quarter of firms (24%) have blocked key social media sites like Facebook and Twitter and half of organisations (49%) only allow a minority of users to access specific social networking sites if they can prove that social media access supports their job.

But what is really interesting is that companies are seeing increased risk of security breaches in the last 12 months emanating from many different quarters. The largest group (59%) claimed social network usage had posed an increasing risk of a security breach in the last 12 months. Nearly half (43%) thought that use of web-based applications, which often carry malware, spyware and adware into the organisation,  had exposed the firm to increased risk in 2011. Hacking attacks have been a greater threat this year for 14%, while loss of confidential and sensitive data by staff has generated increased risk for 14% also.

Such is the concern that more than half (54%) have disciplined up to five members of staff during the last 12 months for abusing Internet usage and nearly as many (46%) have disciplined staff for IT abuse that specifically exposed their employer to increased risk of security breach or data loss during 2011. More than one in ten (11%) organisations has had to discipline 6-10 employees for Internet abuse.

IT department security threat priorities, in order of importance being placed on them in 2012 planning are:

1.    Protecting against loss of sensitive data
2.    Preventing malware attacks
3.    Enabling security protection for mobile devices including smart phones and tablets
4.    Network device authentication (before users are given access to corporate networks)
5.    Improved intelligence on security events
6.    Managing social media application usage

The Teneo Firewall Trends survey found that only one in six firms (16%) had next generation firewalls capable of alerting, filtering and blocking many of the above threats which are on the rise. Existing firewalls were seen as poor at covering remote/mobile workers devices (59%) and offering poor visibility of desktop and application usage (32%). Nearly a quarter (22%) found them hard to configure for the rapidly changing threat landscape.

Lauren Fortune, Head of Marketing, Teneo commented:
“This survey indicates that computer usage policies and ageing infosecurity hardware of many UK businesses are struggling to keep pace with the changing range and volume of security threats that end users are now exposing their businesses to in their use of IT systems and Internet-based services. The fact that 38% of firms are set to see IT budget cuts in 2012 must be exposing firms to increased security risks.”

Associated with the unveiling of these survey results, Teneo has also published its Firewall Trends Survey Executive Summary which is available now at: http://tinyurl.com/6sdubgc

The company has also created a series of mini guides to support firms’ infosecurity management planning activity including Teneo Mini-Guide: IT Security Infrastructure Consolidation & Cost Control, which is also available at http://tinyurl.com/76q4rzs

Teneo commissioned Agility PR to conduct this online survey through Zoomerang. The 21 question survey was distributed to 5592 Senior IT Managers and Directors of businesses in excess of 500 employees. We received 83 visits and 37 completed questionnaires, a completed response rate of 0.66% between 7th October and 3rd November 2011.

Teneo is an Infrastructure Optimisation specialist with worldwide reach, focused on helping businesses to meet corporate and IT objectives through accelerating the performance of global network infrastructures, improving user productivity, automating management within the Data Centre, lowering overall IT costs and minimising risk.

With over 1500 customers on an international scale, Teneo understands the challenges of supplying, deploying and managing technology over widely distributed locations and offers a range of innovative solutions and services to help businesses not only achieve this but also realise the full cost saving potential of their technology investments.