IT managers: Staff to blame for security breaches

IT managers within small and medium sized businesses (SMEs) blame employees for internet security breaches, despite many companies failing to implement online usage policies, new figures show.

The study, which was commissioned by internet security firm Websense, found that more than a quarter of European SME IT managers believe their staff are ultimately responsible for online security breaches.

However, less than half (47 per cent) of the IT managers surveyed said their company use web filtering software to protect the corporation and its employees against online threats.

What's more just under a quarter (23 per cent) of SMEs have internet usage policies in place, but don’t enforce them by requesting staff to sign the rules. A further, 16 per cent admitted having no usage policy at all and that they completely trust their workers.

Conversely, a third (32 per cent) of IT managers rated employee behaviour as the main cause of frustration when trying to implement and maintain IT security. This issue not being high on the corporate agenda and budget constraints closely followed.

Almost a third (31 percent) of employees questioned said that they could not cope without being able to access websites at work, despite being deemed high security risks, such as peer-to-peer and free software download sites.

"We urge all small to medium size businesses to make IT security a business-critical issue,” advised Mark Murtagh, technical director at Websense. “Leaving their employees to make security decisions based on what they feel is right is not only putting company confidential data at risk, but also adding strain to the IT department. Internet use policies need to be automated to ensure that hidden dangers are found and protected against."

The study surveyed 750 IT managers and employees across Europe, in countries including the UK, Germany, France and Italy.

Sign up to our newsletters