The good news is that more employers are monitoring workers' use of computers and telephones, primarily because of concern about the role electronic evidence plays in lawsuits and regulatory investigations, according to Nancy Flynn, executive director of The ePolicy Institute. The bad news is that many small businesses ignore the importance of this type of monitoring.
"It doesn't matter if you have one part-time employee or 10,000 full-time employees—if they are using your e-mail system, you're putting yourself at risk," says Flynn.
In a recent survey of U.S. companies by the institute and the American Management Association, 76 percent said they monitor workers' Web site connections and 65 percent use software to block connection to inappropriate sites. Companies also keep an eye on e-mail, with 55 percent retaining and reviewing messages and voice mail, with 15 percent taping or reviewing those messages.
"Workers' e-mail, instant messages, blog and Internet content create written business records that are the electronic equivalent of DNA evidence," says Flynn, noting that 20 percent of employers have had e-mail subpoenaed by courts or regulators.
"Small businesses, in my opinion, face even more risk than larger companies," she says. All it takes is for one employee to transmit an offensive e-mail that could be subpoenaed in a sexual harassment case, and a company can find itself embroiled in a lawsuit that could cost hundreds of thousands or even millions of dollars. "That's more likely to put a small business out of business," she notes.
Employees at small companies are more likely to have positive attitudes toward their jobs, their employers and their managers than people who work for large companies, according to a May 2005 Harris Poll. Some 64 percent of people working for small employers (less than 50 employees) report being satisfied with their job, compared with 54 percent who work for large companies.
|Take a good deal of pride in work and career|
|Really care about the fate of the organization|
|Agree that top management displays integrity & morality|
Source: Harris Poll
Your machine is running noticeably slower. Spyware tends to replicate rapidly and consume CPU cycles.
An unfamiliar toolbar appears on your browser or in a URL that's not in your favorites list.
When online, your computer automatically redirects you to another site.
You are inundated with pop-up ads—even when your computer is idle—that collect information about you.
There are unrecognizable programs in the program list.
Sophisticated technology is increasingly helping small businesses become more efficient, productive and profitable. However, many small companies are not ensuring the security of all that new information technology.
That's the finding of a recent survey conducted jointly by The Small Business Technology Institute (SBTI) and Symantec Corp. Based on 1,024 respondents from companies with 100 or fewer employees, the survey found that many small companies lack even basic security controls in many key areas. For instance, 20 percent of the companies reported that they lack security controls for e-mail, while almost two-thirds have no security controls in place to protect wireless networks. With the accelerated adoption of networking, mobile computing and Internet access, that percentage is expected to climb.
The survey, which can be downloaded at the SBTI Web site www.sbtechnologyinstitute.org, indicates that many small companies are either unaware of or indifferent to the security breaches. Three-fourths of respondents have no formal planning mechanism in place for ensuring IT security. Only about 40 percent allocate a specific budget for IT security, while only 30 percent have recently increased spending on information security solutions.
Almost 60 percent of the respondents said they had experienced at least one security incident in the past 12 months. They listed computer viruses, spyware and malware as the prime causes of whatever security problems they had encountered. The majority of those companies answering the survey stressed that IT security product materials should be improved to help them make better-informed decisions.
Within the last three years, nearly one out of every three small businesses in the United States has been forced to shut its doors for at least 24 hours due to a natural disaster, according to a poll of companies with 1 to 249 employees by the National Federation of Independent Businesses in Washington, D.C. Among the findings:
- Only 38 percent of small-business owners reported having an emergency-preparedness plan on hand.
- Power failures of at least 24 hours affected 21 percent of the businesses. About 20 percent of those surveyed had backup generators at their principal place of business.
- Calamitous computer viruses were cited by 34 percent, 60 percent of whom paid for professional assistance to get rid of the viruses and restore their systems. For 29 percent, the destruction was so severe that they had to replace the computer equipment.
Few companies encrypt their data backups, according to a recent survey. Only 7 percent of the 388 storage professionals polled say they always encrypt their backups, while 60 percent admit that they never do.
Does your company encrypt data as it is backed up to tape?
Yes, but infrequently: 12%
Don't know: 12%
Yes, frequently: 7%
Yes, always: 7%
Source: Enterprise Strategy Group