Log In

Reset Password

Who scares your ?IT guy? most? You do

Do you spend restless nights worrying about your company?s security risks?If so, then you must be one of those angst-filled network or system administrators. Put it down to those pesky employees who never seem to follow the rules, leave passwords stuck to their monitors, or who ? ?Oops!? ? just lost a company laptop at an industry exhibition.

Do you spend restless nights worrying about your company?s security risks?

If so, then you must be one of those angst-filled network or system administrators. Put it down to those pesky employees who never seem to follow the rules, leave passwords stuck to their monitors, or who ? ?Oops!? ? just lost a company laptop at an industry exhibition.

According to a survey by Amplitude Research, the top concerns of the network and system administrators were their ?users? (38 percent), their ?recovery plan? or lack thereof (38 percent), a security breach to the network (35 percent), and ?worrying about the next virus/worm? (24 percent).

Concerns about ?users? and ?lack of recovery plan? gained heightened status among network and system administrators when compared to last year?s study. In 2005, 28 percent of those surveyed identified those two issues as the top concern. The percentage of respondents who identified a ?security breach to the network? as a top concern climbed to 35 percent from the 27 percent finding in 2005.

The number of network and system administrators (24 percent) who listed the next virus or worm as a top concern in the 2006 survey represented a three percent increase from the 21 percent level registered in2005 and a decline from the 32 percent finding in2004.

The survey takers were asked what ?keeps them up at night?. About 31 percent said they had no concerns and ?sleep like a baby? ? a drop from the previous year?s 43 percent. The survey also found that companies might not be spending enough on training non-IT employees about security issues.

Among those who cited concern about users, nearly 31 percent cited ?insufficient training time or budget?as a significant contributor to their lack of sleep. About 52 percent of those surveyed in 2005 said their organisation had ?budgeted sufficiently to support information security needs?. This year the number dropped to 48 percent ? about the same level as 2004. The survey was conducted over a three-day period in April and had 255 responses from across the industry.

Amplitude Research also asked about adoption plans for Windows Vista, the new operating system from Microsoft formerly code-named Longhorn. The system is expected to be available in November 2006 although there are indications the release date might be delayed.

About 11 percent of the survey group are currently in beta testing, 19 percent are waiting for public beta release, and 25 percent are waiting for official release to begin testing. The rest are waiting either for successful testing tobe completed or for service packs. About 52 percent said they have no current plans to deploy Vista.

A similar survey of the UK by PricewaterhouseCoopers highlights the similar problems on the other side of the Atlantic, including a lack of investment in training employees. The report reveals that most businesses are a long way from having a security aware culture. Three quarters of UK businesses rate IT security as a high priority,but just one in eight has IT security-qualified staff to put procedures in place. The average ?worst incident? breach cost one company ?12,000, up by ?2,000 since 2004. The financial services sector and telecoms providers are the prime targets of security attacks. The survey reported that three-fifths of companies do not block staff access to inappropriate websites and only one in six scans outgoing mail for inappropriate content.

PricewaterhouseCoopers advises workplaces to have an ?acceptable use? policy in place for staff use of the Internet combined with a programme to increase IT security awareness. Other precautions, such as monitoring the possession of USB drives, should also be put in place. The UK?s Department of Trade and Industry (DTI), which commissioned the PWC survey has four factsheets available for download on good practice in information security.

At ?www.dti-bestpractice-tools.org? DTI also has an online information security health check for you to complete, letting you know where you fall and where you shine.

Completing the survey might allow you to get some sleep after all ? or spend more time in bed worrying.