The survey was conducted at the Infosecurity Europe conference by Secure Computing. "48% of organisations do not use desktop firewalls for end point security," said a statement from Secure Computing. "This is the most basic and fundamental level of security that should be deployed to prevent unauthorised access to sensitive information."
When it came to access to devices, 46% of firms surveyed used just passwords, despite 70% of the information managers surveyed believing that signature based security is not sufficient in itself to protect an organisation. Hardware tokens were used by 40% of firms and biometrics by 5%.
"Identity and access management is key to ensuring that people only have access to the information that they need and are authorised to use”, said Andy Philpott, vice president of Secure Computing in Europe. "For an organisation to be secure in the current environment of increased cyber-crime, it must create a culture of security awareness in the people who have access to data."
Security technology vendors argue that dangers to computers are on the increase. Secure Computing said that over 10,800 new virus and worm variants were identified for the Win32 platform in the first half of 2005.
Security firm McAfee has warned that the number of threats has doubled in the last two years. “It’s remarkable to note that it took 18 years for our database to reach 100,000 malicious threats and just under two years to double to 200,000,” said Stuart McClure, senior vice president of global research and threats at McAfee. “Although security awareness continues to improve, hackers and malicious code authors are releasing threats faster than ever before, with approximately 200% more malicious threats per day than two years ago.”
"In 2004, McAfee added 27,340 new threats to its database. In 2005, it added 56,880 new threats," said a statement from McAfee. "Since 1st January 2006, McAfee has added approximately 32,000 new threats to its database and is on track to exceed 60,000 new threats by the end of this year. Given current trends, McAfee expects the 400,000th threat to be identified in less than two years."
