Paul Fouche, IT consultant for Blue Line Cruises, said that with the proliferation of cheap servers running web applications, smaller SMBs were unaware just how exposed they were.
“They don’t know how vulnerable they are until someone hacks them and shuts down their server affecting their accounts and auditing systems. A lot of the time they’re scared, they’ve got no idea what it is and they don’t want to know or deal with it,” he said.
Cost pressures on small business had also resulted in employees multitasking into areas in which they lacked expertise. “Accounts are running IT, but that’s not their job, they should get onto their jobs,” Fouche added.
Agreeing, Una Charoux, Network Administrator at Sydney-based printing company CDM Print said that due to a lack of resources, action was only taken on a case by case basis. “It has to benefit the business as a whole, for them [management] to do something,” she said.
IDC security research analyst Jean-Marc Annonier said while Australian SMBs were very open to technology, they were unaware of the threats or had the time to research them. “[Their attitude is], ‘Why would I pay for something that won’t happen’,” he said.
However, according to Shane Richards, IT manager at Parramatta Leagues Club, management was starting to become aware of the issue due to increased bandwidth and storage requirements, and time wasted on clearing spam.
Meanwhile, James Scollay, vice president of email security vendor MessageLabs Asia Pacific said the SMB threat landscape has changed dramatically in the past six months with new spam techniques, VoIP and IM threats on the rise and virus rates will decrease and become more targeted.
Furthermore, MessageLabs revealed that the SMB market was fuelling its Australian growth with 255 percent of new orders coming from the sector.
Recently, an IDC white paper commissioned by MessageLabs and McAfee revealed that eighty percent of global SMBs believe a serious IT breach would be detrimental to business while only eight percent regard security as a business priority.