Symantec Survey Shows Information Protection Is Highest IT Priority For Small And Mid-sized Businesses

Average SMB now spends approximately $51,000 a year to protect their information

Symantec Corp. released the findings of its 2010 Global SMB Information Protection Survey.
The survey found that small and mid-sized businesses (SMBs with 10 to 499
employees) are now making protecting their information their highest IT
priority, as opposed to 15 months ago when a high percentage had failed to enact
even the most basic safeguards. This shift makes sense as SMBs are facing
increased threats from cyber attacks, lost devices and loss of confidential or
proprietary data. The survey is based on responses from 2,152 SMB executives and
IT decision makers in 28 countries in May 2010.

“Small and mid-sized organizations are facing increased risks to their
confidential information—including bank account numbers, credit card information
and customer and employee records. Whether it’s due to a malware attack, a
server crash, or a stolen mobile device, loss of information can be highly
detrimental, if not fatal for an SMB,” said Bernard Laroche, senior director of
product marketing at Symantec. “A year ago, a Symantec survey found one-third of
SMBs did not have the most basic protection of all—antivirus protection. It is
exciting to see that SMBs acknowledge the risks they face and are taking action
to protect their information more completely.”

Survey Highlights

  • SMBs surveyed showed a heightened interest and increased investment in
    information protection. They rank data loss and cyber attacks as their top
    business risks, ahead of traditional criminal activity, natural disasters and
    terrorism. SMBs are now spending an average of $51,000 a year, and two thirds of
    IT staff time working on information protection, including computer security,
    backup, recovery and archiving as well as disaster preparedness. Eighty-seven
    percent of SMBs have a disaster preparedness plan, but there is still work to be
    done as only 23 percent rate their plan pretty good/excellent.
  • Loss of critical business information threatens SMBs. Seventy-four percent
    of SMBs surveyed are somewhat/extremely concerned about losing electronic
    information. In fact, 42 percent have lost confidential or proprietary
    information in the past. As a result, 100 percent of companies who have lost
    data have seen direct losses such as lost revenue or direct financial costs such
    as money or goods.
  • One of the main issues for SMBs is lost devices. Almost two-thirds of
    businesses polled have lost devices such as laptops, smartphones or iPads in the
    past 12 months. One-hundred percent have at least some devices that have no
    password protection and cannot be remotely wiped of their data to protect their
    confidential business information if lost.
  • Cyber attacks are a crucial threat to SMBs. Seventy-three percent of the
    respondents were victims of cyber attacks in the past year. Thirty percent of
    those attacks were deemed somewhat/extremely successful. One-hundred percent of
    SMBs saw losses such as expensive downtime, loss of important corporate data as
    well as personally identifiable information of customers or employees. These
    losses led to direct costs for all respondents such as lost productivity, lost
    revenue and loss of customer trust.

Symantec’s Recommendations

  • Educate employees: Develop Internet security guidelines and educate
    employees about Internet safety, security, and the latest threats. Part of the
    training should focus on the importance of regularly changing passwords and
    protecting mobile devices.
  • Safeguard important business information: SMBs are facing increased
    risks to their confidential information so safeguarding this data is critical.
    One data breach could mean financial ruin for an SMB. Implement a complete
    protection solution to ensure proprietary information—whether its credit card
    information, customer data or employee records—is safe.
  • Implement an effective backup and recovery plan: Protecting
    information is more than implementing an antivirus solution. Backup and recovery
    is a critical component of complete information protection to keep SMBs’
    desktops, servers and applications running smoothly in case of
    disruption—whether it’s a flood, an earthquake, a virus or a system failure. One
    outage could mean customer dissatisfaction and costly downtime, which could be
    catastrophic to the business.
  • Secure email and web assets: Select a mail and Web security solution
    that can help mitigate spam and email threats so SMBs can protect sensitive
    information and spend more time on day-to-day activities. Spammers and phishers
    will use current events and social engineering tactics to get users to give up
    personal information such as credit card and banking information.


Please enter your comment!
Please enter your name here