The dangers to data security are increasing rapidly in all areas of IT Security use, especially recently for smartphones. However, medium-sized companies save on protection or are not well informed. The protection software manufacturers are responding with more comprehensive security packages and more and more cloud offerings.
Although many employees in small and medium-sized enterprises (SMB) are aware of the dangers to data and processes, only a minority can counter these threats. Still, only one-third have set guidelines for dealing with passwords.
A quarter of SMEs already generate 25% of their sales in online trading, and every tenth company would have to cease operations after an hour without this channel. 10% of the companies were already the target of an attack on their website, although the source of the attack could usually not be found. In over 11%, the cause was the careless handling of passwords. Many of the SMEs surveyed – 46.9% employ fewer than ten people – stated that they had not yet dealt adequately with the topic of data security.
“If the IT infrastructure is at a standstill, the company incurs costs of around € 2300 per day on average”. “Another danger is that business-critical applications and data are still inadequately secured. Backing up and restoring essential documents is complicated by virtualization and the cloud. “
The suites, in particular, are of crucial importance, as they help keep administration costs low and enforce guidelines uniformly throughout the company. With “Triton,” Websense recently introduced a suite for email and web security that can be operated both in-house and in the cloud. The unique feature: According to the provider, this means that data loss prevention (DLP) can be implemented as a cloud service for the first time.
IT Security: Medium-Sized Companies Are Carefree
At Trend Micro, the “Worry-Free Business Security 7.Advanced” suite protects SMEs from malware, malicious websites, and unwanted data leakage. At Symantec, the customer can choose between the large, comprehensive Protection Suite Enterprise Edition including DLP and the Endpoint Protection Suite, which does not include DLP. Symantec Verisign offers increasingly affordable and easy-to-use encryption and authentication products.
With all providers, cloud and hosting offers for all disciplines play an increasingly important role. They offer SMEs the opportunity to implement their data security according to their needs, relatively inexpensively and technically optimally because they do not have to build up their own IT know-how.
The SMEs surveyed by the NEG are aware that mobile data carriers such as USB sticks and smartphones pose a latent risk. This is worrying given the growing number of business applications on mobile devices (iPad etc.). Kaspersky Labs found that 36% of users rated the mobile Internet as more dangerous than surfing the PC. “However, only between 13% and 14% of those surveyed currently use antivirus programs for their mobile devices”. “Only 20% to 25% of those surveyed would like to buy a security solution for their smartphone in the future.”
“Companies are increasingly losing data via social media channels.” “Infected search results will no longer be limited to Google, but can also be expected on Facebook. Hackers manipulate Facebook’s search algorithms and direct users to fake websites. Malware is then downloaded from these to steal sensitive company data. “
Conclusion:
A few months ago, the provider Stonewort discovered a considerable danger in the Advanced Evasion Techniques, or AET for short: This new type of attack combines various camouflage techniques, so-called evasions, to introduce viruses, worms, or spy programs into a system unnoticed, for example. “According to current tests in our laboratories, there are 2 to the power of 180 different AET combinations, that’s a 1 with 55 zeros”. “Most classic security mechanisms are completely overwhelmed by this and do not recognize an attack disguised with AET. We suspect that organized criminals are already using AET for targeted attacks.
ALSO RAED: Safe IT Use In Production Has To Be Learned
