Many businesses are failing to secure WiFi networks, Voice over Internet Protocol (VoIP) and USB storage devices, new figures show.According to the latest survey conducted by the National Computing Centre (NCC), 40 per cent of organisations questioned have only partially secured their wireless networks or left them completely unprotected. Less than a fifth (15 per cent) of respondents have introduced any security around VoIP technologies and only 11 per cent have implemented any controls over the use of USB storage sticks.
“Running unsecured WiFi is like locking the front door, but leaving the windows open,” warned Stefan Foster, managing director of NCC. “Fraudsters are increasingly targeting IT systems, and the growing use of WiFi is attracting their attention both inside and outside the office environment. Unsecure wireless is putting organisations and those who interact with them at unnecessary risk.”
However, the majority of respondents said their business has implemented comprehensive security measures to combat external threats such as viruses, spam and phishing scams. These include virus and spyware software and firewalls, plus formal penetration testing policies, which are in place at almost half (45 per cent) of all organisations, with a further 25 per cent partially implemented or under development.
The Manchester-based research company also found that nearly two-thirds (62 per cent) of respondents said that their organisation employs IT security specialists, although that figure drops below 50 per cent for companies with fewer than 25 IT professionals.
According to the research, a company spends on average 3.3 per cent of its IT budget on internet security, with the finance sector spending the most per-capita to protect against security threats.