Survey finds security practices appalling

Despite the recent attacks of viruses, individuals are reluctant to review their security practices, according to a recent survey conducted by Central Command. The results however, were completely aligned to the general feeling among industry analysts that security is not seen as a priority among users.

The survey, titled Are You Practising Safe Computing? was e-mailed to approximately 750,000 PC users worldwide, with a 12 per cent response rate. Over one-fifth of both personal computer and office users exposed their systems to viruses by opening unknown e-mails. At press time, a new virus, called Nimda, was being spread via e-mail attachment, HTTP or across shared hard disks in internal networks. It appeared in inboxes called “Readme.exe”

Keith Peer, the CEO for Central Command in Medina, Ohio, said the biggest surprise is while the public’s awareness has been increased concerning viruses, practises have remained the same.

“The biggest thing was (despite) the recent viruses, warnings and information being published people still aren’t changing their habits…People are practising in the same old fashion as five years ago,” he said. While 48 per cent of respondents said they had heard of viruses like Code Red, Hybris or Loveletter, only nine per cent changed their security practices when online. He said the their behaviour can be explained by a lack of education on viruses and the misconception that the data stored is not crucially important.

Peer added that individuals are not taking security seriously; 38 per cent of respondents said they reported losses of over US$500 million because of the damaged associated with worms, viruses or other infected applications.

Analysts spoken to were not taken aback by the results in the least.

“No, that’s completely in line with my experience. Fundamentally, people are unwilling to invest money in rock solid security investments”, said Larry Karnis senior consultant for Application Enhancements in Brampton, Ont. He said in IT, with budgets tightening – regardless of the fact that security is viewed as important – it does fundamentally impact the bottom line in spending.

Karnis said in IT, managers need not sign on for more education, as they are already aware that outages, if they occur, are costly. Instead, it becomes a game of Russian Roulette. “Sometimes it’s easier to say ‘You know what, I’ll hope my firewall can take care of it and cross my fingers.'” It is an exercise of the worst case scenario, with managers deciding that in some cases, it is cheaper to do nothing, rather than install security patches. The most culpable, are the medium-sized organizations that don’t have the finance in their budgets to support security infrastructure costs, he added.

Individual PC users are also relatively lax in their security practises. “If people aren’t willing to spend the money on a tape drive to save six months worth of work, why would they spend anymore on anti-virus software and security practices.”

Joey Roa, analyst for LightYear Capital in Calgary said most security professionals would not be shocked to learn users are not overly concerned about viruses and security. He did make a distinction between the business community and personal PC user, saying he felt companies were more pro-active because IT managers are concerned about data and data storage and understand the losses associated with downtime. “Users, left to their own devices, have to incur costs, or buy the software, keep it current and install it. That’s asking a lot from the consumer user base.” Consumers need to be made more aware that there is a real danger of losing data, he said.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Previous article
Next article

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now