Risk
2/10/2011
02:11 PM
50%
50%

Security Costs SMBs 16 Days Per Month

Managing on-site security systems takes up more than 120 hours of IT staff time each month, according to Webroot.

Top 10 SMB Predictions for 2011
(click image for larger view)
Slideshow: Top 10 SMB Predictions For 2011

IT pros at small and midsize businesses (SMBs) spend 127 hours every month managing their on-premises security infrastructure, according to a new survey released by Webroot.

That equates roughly to 16 eight-hour workdays devoted to tasks such as updating software and hardware, reimaging infected machines, managing end-user policies, and installing patches. Software and hardware updates, for example, take up more than 18 hours of IT personnel's time each month.

While the study included larger companies, too -- its 820 respondents worked for firms with 100 to 5,000 employees -- Webroot chief technology officer Gerhard Eschelbeck said that the numbers were remarkably consistent across organizational size. In other words, SMBs are spending as much time as larger companies managing their on-site security -- only with fewer people and less money. That means security maintenance eats up a much larger slice of the resource pie at smaller firms.

"Smaller companies usually have less IT resources and less resources dedicated to security, so it certainly becomes a double whammy for those organizations," Eshelbeck said in an interview. "An organization with a 100 people, by design has a smaller IT department, security department, than an organization with 1,000 people. Clearly from that perspective, it hits them doubly hard."

While SMBs might make less likely bulls-eyes for targeted attacks, they deal with the same broader threat landscape -- such indiscriminately launched malware -- as big business and big government.

"The fact that they also are dealing with a similar amount of infections and time spent is clearly an indicator that smaller companies are impacted harder," Eshelbeck said.

The survey also found that mobile workers -- and the devices that keep them connected to the virtual office -- pose the fastest-growing concern for IT managers charged with keeping company networks secure. One in three respondents listed mobile devices, from laptops to tablets to smartphones, as their chief challenge in the year ahead. Data breaches and malware threats ranked second and third, respectively, as the top security challenges for 2011.

"Every mobile device is a potential access point for viruses, for any other piece of malware," Eshelbeck said. Mobile devices "really add a completely new vector for infection if they're always on and permanently connected outside of the corporate network."

Some 40% of respondents said they plan to implement a cloud-based security system in 2011 or 2012, listing reduced IT burdens, simplified maintenance, improved malware defenses, and mobile security among their top motivations. Webroot, of course, has a vested interest in these survey results: The company provides Web-based security services. The survey was conducted by a third party, the company said.

In Eshelbeck's view -- based on 20 years in security and 10 in Web-based software -- SMBs drove early growth of cloud-based security and other hosted software, but larger organizations are now bridging the gap.

"Clearly, the revolution started in the [SMB] segment," Eshelbeck said. "Over the years, it has also grown up to the larger organizations."

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-2329
Published: 2015-08-31
Multiple cross-site scripting (XSS) vulnerabilities in Check_MK before 1.2.2p3 and 1.2.3x before 1.2.3i5 allow remote authenticated users to inject arbitrary web script or HTML via the (1) agent string for a check_mk agent, a (2) crafted request to a monitored host, which is not properly handled by ...

CVE-2014-2330
Published: 2015-08-31
Multiple cross-site request forgery (CSRF) vulnerabilities in the Multisite GUI in Check_MK before 1.2.5i2 allow remote attackers to hijack the authentication of users for requests that (1) upload arbitrary snapshots, (2) delete arbitrary files, or possibly have other unspecified impact via unknown ...

CVE-2014-2331
Published: 2015-08-31
Check_MK 1.2.2p2, 1.2.2p3, and 1.2.3i5 allows remote authenticated users to execute arbitrary Python code via a crafted rules.mk file in a snapshot. NOTE: this can be exploited by remote attackers by leveraging CVE-2014-2330.

CVE-2014-2332
Published: 2015-08-31
Check_MK before 1.2.2p3 and 1.2.3x before 1.2.3i5 allows remote authenticated users to delete arbitrary files via a request to an unspecified link, related to "Insecure Direct Object References." NOTE: this can be exploited by remote attackers by leveraging CVE-2014-2330.

CVE-2014-2570
Published: 2015-08-31
Cross-site scripting (XSS) vulnerability in www/make_subset.php in PHP Font Lib before 0.3.1 allows remote attackers to inject arbitrary web script or HTML via the name parameter.

Dark Reading Radio
Archived Dark Reading Radio
Another Black Hat is in the books and Dark Reading was there. Join the editors as they share their top stories, biggest lessons, and best conversations from the premier security conference.