Internet security needs improving or else half of small- and medium-sized businesses will be hacked by 2003, it was revealed in a report by IT research group Gartner.
Director James Browning said, "With small and midsized firms doing more business on the Internet, their networks are exposed to security breaches. Defensive action is required to protect the company from unauthorised and malicious users."
He points out one area of exposure is remote access It and recommends all companies to use encrypted virtual private networks.
Conal Mannion, a Gartner research director, said, "The problem with all security is the complex technology. Typically, people are trying to integrate two or three different best of breed products in some management framework. This distracts attention away from the main job that needs doing. Networks are built with a particular task in mind. Security is an added concern where people are trying to take risks as safely as possible."
He suggests getting a professional services firm to carry out a penetration test to assess the weaknesses of a security policy. "Security is only as strong as its weakest link. It should be kept in mind where business-to-business links are created," Mannion said.
Large corporations may have a solid security system in place. But these are now linked to suppliers and customers who do not see security as a main business objective. A hack attack could be launched through one of these sites. Mannion said companies should be aware of the legal implications. "Good practice dictates you should enquire from anybody you plan to partner whether they meet your security requirements. But I doubt if this goes on," he said.