Discover security breach, blame the co-workers?

IT managers in small, midsize companies believe staff members are responsible for online-security problems, survey finds.

IT managers in small and midsize businesses blame their fellow workers for online security breaches--despite the fact many small enterprises still don't enforce Web usage policies.

More than a fourth of European IT managers in small businesses said they believe that company employees are responsible for security problems, according to research commissioned by security software company Websense.

The most frustrating problem for IT managers is employee behavior (cited by nearly a third of managers), followed by security not being high enough on the corporate agenda and then budget constraints.

The survey found that nearly a third of employees said they need to access sites known to present a high security risk, such as peer-to-peer services and free software-downloading sites.

The extent to which workers use the Web is highlighted by the finding that European employees spend an average of two hours per day online at work, with about a half hour of that spent browsing sites not related to work.

But suspicious IT managers believe that the time spent on such sites is closer to 48 minutes--or the equivalent of four hours per week.

The survey also reveals that 23 percent of small to midsize companies have Web security policies but don't enforce them among their employees. Another 16 percent of smaller enterprises have no Web usage policy at all, preferring to trust employees to not put them at risk.

Websense's SMB State of Security survey covered 375 IT managers and 375 employees from companies of between 100 and 250 users in France, Germany, Italy, the Netherlands and the United Kingdom.

Tim Ferguson of reported from London.

Featured Video

Common battery myths that need to die

Sharon Profis busts a few overplayed battery myths on "You're Doing it All Wrong."

by Sharon Profis