Web more of a malware threat than email

Research from IDC Denmark claims to show that companies are now picking up more malware from employee Web surfing than from their inbound email.

This interesting fact was gleaned from a study of around 200 companies across Denmark, which found that almost 40 per cent of respondent firms had been infected by a virus or worm, even though 75 per cent of the companies had implemented a security policy.

According to Per Anderson, IDC Denmark's managing director, there is a common misconception that emails constitute the biggest security threat from the Internet.

"The survey shows that up to 30 per cent of companies with 500 or more staff have been infected as a result of Web surfing, while only 20 to 25 per cent of the same companies experienced viruses and worms as a result of infected emails," he explained.

Interestingly, IDC found that the problem doesn't go away for companies that ban private Web surfing - mainly because such policies often aren't enforced.

The research firm found that 30 per cent of management at the firms contacted reported that their staff accessed the Web during lunch hours and the like, even with a security policy in place.

IDC says it thinks that banning personal Internet use simply isn't realistic, particularly as a long-term solution. Instead, the research firm recommends closer monitoring of staff Internet usage, as well as using tools that give management an overview of time spent and behaviour patterns online...