More enterprises admit to intrusions, lack of best practices
A new survey says the computing systems of one in four medium or large companies have been compromised, and yet only half have taken standard precautions to prevent attacks.
"In the final quarter of 2005, it is somewhat surprising that only slighting more than half of enterprises indicated they have turned off nonsecure protocols like Telnet or FTP," commented Jeff P. VanDyke, president of Albuquerque, N.M.-based VanDyke Software Inc., in a prepared statement. VanDyke Software, which provides standard-based security software, commissioned the survey of 360 respondents conducted earlier this month by Amplitude Research Inc. of Boca Raton, Fla.
More than 50% of respondents at larger companies, which constituted almost half of those taking the survey, did say they now use automated scripts to perform security monitoring and update virus signatures to servers. Combined with those at companies with 1,000 or less employees, the following tactics were being used:
Another interesting highlight was where folks turned to learn about security best practices.
The top sources of information were security-related Web sites (69%); trade magazines (67.5%); training courses (53%); and conferences (50%). Also having in influence were newsletters, online discussion forums, books, local training courses through universities and user groups, USENET groups and security-related Web logs, or blogs.