[an error occurred while processing this directive]
BBC News
watch One-Minute World News
Last Updated: Thursday, 5 August, 2004, 09:27 GMT 10:27 UK
Staff blamed for virus outbreaks
Graphic of e-mail and circuit board, Eyewire
E-mailed viruses still catch people out
People are the weak link when it comes to computer viruses, a study shows.

A survey by anti-virus firm McAfee found that 50% of senior managers in small businesses blame staff for the damage done by viruses and other computer security problems.

Staff also downloaded unsafe programs on to work PCs and disabled security systems designed to protect them.

Just over half of the small firms questioned said they had suffered damage due to a virus outbreak.

Virus damage

Sal Viveros, spokesman for McAfee which commissioned the research, said many firms had concentrated on some security technologies at the expense of training and educating users.

"Businesses can have the most robust and integrated security system in the world," said Mr Viveros, "but one rogue end user could still be responsible for introducing malicious code onto the network with potentially serious consequences."

The survey found that anti-virus software was widely used on desktop machines (92%), servers (83%) and network gateways (65%), and firewalls (89%) in small firms.

Google logo, Google
One virus caused problems for Google
Despite years of telling users not to open attachments on e-mails they were not expecting, many staff continue to click on anything that lands in their inbox.

As well as irresponsible users, 45% of those questioned in the survey blamed out of date anti-virus software for leaving them vulnerable to attack.

Poor security policies were blamed by 18% for causing problems.

For instance, three-quarters of the 1,240 firms questioned said they had policies that spelled out the dangers of unauthorised downloading to employees.

But despite this, 66% of the respondents were sure that their employees had flouted this policy to install games, peer-to-peer trading software, video files and instant messaging systems.

The results of irresponsible employees, poor policies and out of date anti-virus protection was almost two-thirds (61%) of firms reporting that they had suffered downtime or lost data because of a virus outbreak.

Security controls

Mr Viveros said small firms could protect themselves by thinking more deeply about the way they tackled security problems.

Instead of relying on anti-virus software and reacting to security problems as they arise they should develop an approach that puts many more layers of protection between end users and the outside world.

"Ideally they would be able to create security policies that are enforceable and take security out of end user's hands," he said.

Mr Viveros said small firms tended to get overlooked by many security firms who concentrate on large corporate clients and the huge pools of consumers who subscribe to the UK's net service firms.

Although some managed services were starting to spring up that did the security work for small firms but these were not being taken up in large numbers.

Also, he said, many smaller firms only had time to concentrate on their core business rather than worry about developments in computer security or keep up to date with the latest security problems.


SEE ALSO:
Home PCs hijacked to spread spam
03 Aug 04  |  Technology
Net virus posing as Berg video
03 Aug 04  |  Technology
First Pocket PC virus discovered
19 Jul 04  |  Technology
Calling time on rogue diallers
23 Jul 04  |  Technology
Google recovers after virus hits
27 Jul 04  |  Technology


RELATED INTERNET LINKS:
The BBC is not responsible for the content of external internet sites


PRODUCTS AND SERVICES

News Front Page | Africa | Americas | Asia-Pacific | Europe | Middle East | South Asia
UK | Business | Entertainment | Science/Nature | Technology | Health
Have Your Say | In Pictures | Week at a Glance | Country Profiles | In Depth | Programmes
Americas Africa Europe Middle East South Asia Asia Pacific