The State of SMB Security: BYOD and Security Violations on the Rise
New Osterman Research study commissioned by Trend Micro, highlights yearly endpoint infection rate of 52% and double digit growth in web and email threats
Marlow, UK 13th September 2012-- The unstoppable trend for BYOD is bringing new risks to smaller firms, with new research commissioned by Trend Micro pointing to annual endpoint malware infection rates of over 50%.
Osterman Research looked into the current state of SMB security based on a survey of over 100 SMB IT Security Providers during June and July 2012, and its own independent analysis, and published the white paper, “The Cloud Advantage: Increased Security and Lower Costs for SMBs.”
The white paper reports that the Bring Your Own Device (BYOD) trend of employees using personal mobile devices and laptops for work is increasing among SMBs. Android usage gained the largest increase in SMB, with the number of Google Android devices being used in SMBs increasing 7.1 percent from 2011. The number of Apple iPhone’s being used in SMBs increased 3.1 percent, and Apple iPad usage has increased 1.9 percent from 2011.
However, this trend appears to be exposing SMBs to greater risk of infection. During a typical month 4.3 percent of endpoints become infected, which translates to a rate of 52.1 percent annually. Osterman Research also found that it takes a mean elapsed time of 72 minutes to remediate a single endpoint, time wasted that could have been avoided with better security.
The typical SMB employee uses a number of endpoint devices – a desktop computer, a laptop, a smartphone, a tablet, and home computers with various applications on them, all vectors through which malware can enter their SMB organisation’s network. Cyber criminals employ multiple compromised endpoints and social networking to reach large numbers of targets, targeting the more popular mobile devices such as Android™ and iOS.
Osterman Research found that during the past several years a growing number of organisations reported security violations through their use of web and email. Between 2007 and 2012 there was a 35-percent growth in web violations and a 12-percent growth in email violations, suggesting that security violations – malware, phishing and related types of attacks – are growing steadily over time.
SMBs need to properly secure their growing number of endpoint devices to protect the company from malware, phishing and related attacks. Data breaches are becoming so costly that many organisations are at risk of being put out of business through direct financial losses or the high cost of direct or indirect data loss. Last year alone, more than a billion dollars was stolen from small and midsize bank accounts. Besides the consequences to SMBs of data loss, financial loss, or the potential interception of sensitive content, IT Security Providers must spend time and money cleaning customers’ endpoints.
To combat the problem of the “security time gap” between when malware is released and protection is deployed SMBs should update their pattern files/signatures more regularly, as close to real time as possible. Solutions that manage threat intelligence and pattern file/signature updates in the cloud save on endpoint computing resources and allow security solutions to detect and remediate newly discovered threats more quickly. This will result in lower costs and fewer infections, fewer IT resource requirements and less time spent on cleaning devices, and managing email and web security.
"Trend Micro is one of the leading security vendors that manages threat intelligence in the cloud. The cloud-client architecture in the Trend Micro Smart Protection Network provides faster protection than conventional approaches that rely solely on pattern file updates," concluded Michael Osterman, founder of Osterman Research.
“Trend Micro is committed to enabling and supporting our SMB Partners to deliver industry leading real time cloud-based security solutions to their customers”, said James Walker, Senior Product Marketing Manager for EMEA at Trend Micro. “We are dedicated to helping partners grow their business by providing the best security, which not only exceed their customers expectations, but also help reduce the costs associated with the installation and ongoing management of these solutions.”
Trend Micro offers content security that provides immediate protection in a tightly integrated offering of solutions. At the core of these products is the Trend Micro Smart Protection Network. The Smart Protection Network cloud security infrastructure rapidly and accurately identifies new threats, delivering global threat intelligence to secure data wherever it resides. The Smart Protection Network powers the cloud security solutions, which protect the SMB, including hosted endpoint security, hosted email security, and hosted mobile device management. IT service providers can manage the entire cloud security portfolio from a cloud-based central management console, with visibility into multiple customers’ deployments from one central command post. Trend Micro protected small and medium-sized businesses (SMBs) against more than 142 million threats in the first half of 2012 alone.
About Trend Micro
Trend Micro Incorporated (TYO: 4704), a global leader in security software, strives to make the world safe for exchanging digital information. Our solutions for consumers, businesses and governments provide layered content security to protect information on mobile devices, endpoints, gateways, servers and the cloud. Trend Micro enables the smart protection of information, with innovative security technology that is simple to deploy and manage, and fits an evolving ecosystem. Leveraging these solutions, organizations can protect their end users, their evolving data center and cloud resources, and their information threatened by sophisticated targeted attacks.
All of solutions are powered by cloud-based global threat intelligence, the Trend Micro™ Smart Protection Network™, and are supported by over 1,200 threat experts around the globe.