“Widespread reports of spyware and other malicious code penetrating enterprise networks don’t seem to reflect the experiences of those surveyed by a New York research firm. Only about a quarter of businesses recognized spyware as a major problem. Ninety percent also saw no security risk in instant messaging, and 80% saw no threat from personal e-mail accounts.
The responses were a bit surprising to Myron Kerstetter, senior vice president of TheInfoPro Inc. He interviewed 111 enterprise IT managers across a variety of industries in February for the study, meant to document attitudes about emerging Internet-based security threats from spyware, peer-to-peer file-sharing software, instant messaging (IM) and personal e-mail accounts. TheInfoPro conducted the survey on behalf of San Jose, Calif.-based firm Secure Computing.
“A higher level of people than expected either didn’t recognize the extent of the threats or their management didn’t recognize it,” Kerstetter said. “Others seemed to think that they have the problems licked.”
That’s not to say Kerstetter thinks respondents had their heads in the sand. “It could be that some just haven’t been hit yet, while others don’t see a problem with things like IM because they simply don’t allow its use,” he said. “They’ve decided to hold off on using IM because of uncertainties over its security. Since they don’t allow it, they don’t see it as a security problem for their business.” “