GFI Study: Small U.K. Businesses Underestimate Internal Security Dangers

External threats remain the focus of attention for more than three-quarters of SMEs, according to new research

April 13, 2009

3 Min Read


London, UK, -- Email and security software provider, GFI Software, today announces the results of The GFI Software SME Security Report, a survey conducted in February 2009 across IT decision-makers in UK SMEs. The research, undertaken by Redshift Research on behalf of GFI, has shown that whilst the basics of IT security have been implemented widely (96% have installed anti-virus, 85% possess anti-spam measures and 92% assign user passwords), only a worryingly low 45% of respondents have any form of portable storage device network access management measures in place.

Walter Scott, CEO of GFI Software, comments, "Too much emphasis has historically been placed upon the need for anti-virus and anti-spam applications " external threats " and this has led to the common belief that with these, your network is secure enough. A secure network depends on many other factors and, unfortunately, the internal threat is far too often being ignored. There is a pervasive indifference towards monitoring the whereabouts of data and its ability to accessed or copied."

Scott continues, "Endpoint security is absolutely critical even in the best financial times, but with the economy prompting more and more redundancies, there are more disgruntled employees who pose a potential risk to an organisation's data. Network administrators must pay more attention to access rights holders' ability to copy, edit, delete or distribute data " this need is long overdue and is only more essential in current times."

While financial, contact, R&D and contract information is typically held on the network, 21% of respondents are unable to track where on the network any of this data is available from. This business-critical data is further at risk as written security policies to govern the use of mobile storage devices are held by only 40% of UK SMEs and of these, employees in only 25% of organisations are required to sign them to confirm adherence.

Scott concludes, "Security risks should not be their only concern. We must not forget the cost in terms of loss of productivity. Many companies do not realise how much time is lost when employees are connecting personal devices to the network, browsing the internet for non work-related material, checking their email, downloading files, and so on. If companies were to have the tools to help them understand the economics and financial costs of unmonitored internet and portable device use, I am certain that they would look at security and data in a totally different way."

For a copy of the survey results visit:

About GFI GFI is a leading software developer that provides a single source for network administrators to address their network security, content security and messaging needs. With award-winning technology, an aggressive pricing strategy and a strong focus on small-to-medium sized businesses, GFI is able to satisfy the need for business continuity and productivity encountered by organizations on a global scale. GFI has offices in the US, Malta, UK, Hong Kong and Australia which support more than 200,000 installations worldwide. GFI is a channel-focused company with over 10,000 partners worldwide. GFI is a Microsoft Gold Certified Partner. More information about GFI can be found at

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights