SME workers pose top security risk

Employees at small and medium-sized companies are more likely to engage in behaviour that puts their employers at risk, according to a new survey.

Security firm Trend Micro examined the surfing habits of 1,600 employees in the UK, Germany, Japan and the US.

The researchers concluded that employees at smaller firms are more likely to check personal email, launch downloaded executable files and make online purchases.

Trend Micro credits much of this to a shortfall in support and education at smaller firms, which are 50 per cent less likely to have on-site IT support staff should a security threat arise.

"These results tell me that small businesses often lack the resources and manpower to maintain complicated security solutions," said Steve Quane, executive general manager of Trend Micro's SMB business unit.

"But they still need security that is comprehensive and effective at battling the multiple internet-related threats that could compromise their networks and put their business at risk.

Trend Micro found that phishing attacks are of particular concern in the UK. Roughly half of all small business users had been subject to a phishing attack in the past year.

Additionally, 32 per cent of small business users in the UK had downloaded and run executable files in the past year.

UK users did, however, have slightly lower levels of reported spam than their counterparts in Germany, Japan and the US.

Around 80 per cent of UK small business employees had reported receiving spam messages, compared to 83 per cent in Germany, 82 per cent in the US and 73 per cent in Japan.

UK and US small business users were also more savvy about confidentiality and data breaches.

While still at a lower rate than employees at larger firms, more small business users in the US and UK are likely to know what constitutes confidential company information than their counterparts in other countries.