More than half of the 1,425 small and medium sized businesses surveyed by security company Symantec had suffered from security breaches in the last twelve months.
The report, called the 2009 Global Small and Mid-Sized Business Security and Storage survey, noted that although the top reasons for data loss were system failures or onsite disasters, a significant proportion – thirty nine per cent – came down to deliberate sabotage by employees.
The report also found that out of date security solutions, and improper security procedures accounted for significant amounts of data loss.
Despite the data losses, SMBs are aware of security and cite the importance of protecting email, information and hardware as a means of avoiding data loss. Viruses were seen as the top security threat, followed by concern about phishing scams, spam, data breaches and the loss of confidential data via email or USB devices.
Hampering security efforts by SMBs is a lack of qualified staff – forty six per cent of SMBs don’t have dedicated IT staff, meaning that they either have no-one managing their technology, or the responsibility falls onto a staff member with another job.
“While SMBs clearly appreciate the importance of security, they face barriers when strengthening their IT security infrastructure,” said Steve Martin, SMB director, Pacific Region, Symantec. “For many companies, the issue of strengthening their IT security infrastructure is compounded not only by the challenges of staffing, budget and time, but also by trying to keep up with the growing amount of information that now resides on mobile devices such as laptops, PDAs and Smartphones as well as external storage devices such as USB keys.”
According to the study, when SMBs do suffer data loss it is likely to be in an area where basic protection and preventative measures would have alleviated the issue.