VanDyke Software announced the results of a security-related survey commissioned through Saurage Research. Saurage contacted 710 small- and medium-sized business in the fourth quarter of 2002 to learn their priorities in protecting their enterprises.
The survey revealed that the top eight threats experienced by those surveyed were viruses (78 percent of respondents), system penetration (50 percent), denial of service (DoS—40 percent), insider abuse (29 percent), spoofing (28 percent), laptop theft (22 percent), data/network sabotage (20 percent), and unauthorized insider access (16 percent). An interesting detail of the survey is that 80 respondents said they experienced no security threats during all of 2002.
Although viruses were the most significant threats faced by the respondents, some 66 percent of the companies said that they perceive system penetration to be the largest threat to their enterprises. Forty-five percent said sabotage was their biggest concern, with theft of proprietary data ranked third with 40 percent of respondents stating it was their biggest concern. Other areas of concern included DoS (34 percent), viruses (23 percent), unauthorized insider access (18 percent), laptop theft (13 percent), and insider abuse of the Internet (11 percent).
The survey also showed that five percent were concerned about telecommunications eavesdropping and three percent were concerned about wiretapping.
Ninety percent of all respondents use antivirus software and 86 percent use firewalls. Seventy-five percent conduct file transfers, 71 percent use terminal services, 67 percent use remote access methodologies, 67 use encryption, 59 use VPNs, and 42 percent use Intrusion Detection Systems (IDS).
Jeff P. Van Dyke, president of VanDyke Software said, "IT professionals within small- or medium-sized businesses face a multitude of external and internal security threats and usually don't have a lot of money or people at their disposal. The challenge at hand is to cost-effectively confront multiple security threats while maintaining access to data and services."