Enterprise IT administrators need to be aware of the potential threats users can introduce onto their company network while engaging in online shopping throughout the Christmas season. A recent survey entitled “Web Filtering in Small and Medium-sized Enterprises (SMEs)” reveals that nearly one in three organisations (30.1%) do not have a web monitoring or filtering solution in place to monitor HTTP traffic, leaving their company’s assets potentially exposed to web-based threats, including malware and Trojans.
The survey of more than 600 SMEs also revealed that:
- Nearly two-thirds of the SMEs that do NOT have a web filtering security solution in place reported experiencing a malware or virus attack via downloaded files;
- 85% of those who use web filtering/security solutions allow employees to surf the Internet for personal reasons during office hours; and
- One of every five SMEs do NOT have an Acceptable Use Policy for internet usage
With 85 percent of SMEs allowing their employees to surf the internet during work hours – many without acceptable use policies in place to enforce appropriate browsing – organisations will be particularly vulnerable during the Christmas shopping season, when e-commerce skyrockets. Not only will businesses lose some productivity due to “cyber-slacking,” with employees spending work hours shopping online, but hackers take advantage of online users through SEO search poisoning, malware on social networks, and other methods of social engineering to infect a system.
Major shopping days such as Black Friday are a profitable time for both retailers and potentially cyber criminals. Cyber criminals are out there, attempting to trick users into clicking links which will either load malicious malware or spyware or take them to a fraudulent website – potentially compromising personal or corporate information. Organisations should review security policies and appropriate web use guidelines with employees and where possible, employ a combination of antivirus and web filtering solutions.