Symantec said Monday SMBs in Hong Kong have the most casual attitude towards information security though 64 percent of them plan to increase ITsecurity and storage in 2009.
The security vendor has released the Asia Pacific and Japan (APJ) findings of its 2009 Global Small and Mid-sized Business (SMB) Security and Storage survey, revealing that 84 per cent of IT spending by SMBs in the region will increase (57 percent) or remain the same (27 percent) this year despite the current economic uncertainty.
System upgrades, automated patch management and data replication ranked as the top three IT investment priorities in APJ this year.
The research showed that the top three security concerns for SMBs in Hong Kong are handheld devices that contain company data (62 percent), managing multiple security technologies (62 percent) and data breaches, and loss of confidential or proprietary information via email (60 percent).
However, only 38 per cent placed extreme importance on information protection and a mere five per cent placed extreme importance on protecting the network, ranking the lowest across all APJ countries.
The survey also revealed that the top three concerns of APJ SMBs are viruses, data breaches, and loss of confidential or propriety information through USB and other devices.
In addition, 52 percent of SMBs in APJ have previously suffered a security breach and the risk of suffering a recurring security breach is higher in the APJ region than in other regions around the world. However, there is a low adoption of basic security measures in APJ with 56 percent of SMBs not having an endpoint protection solution and 53 per cent not having a desktop backup and recovery solution.
Findings on storage showed that 70 percent of APJ SMBs are extremely concerned with backup and recovery of data, followed by disaster recovery planning and strategy (64 percent), and archiving data and emails (56 percent). Yet 53 percent of SMBs have not deployed desktop backup and recovery solutions, and 45 percent perform backup on a weekly or less frequent basis.
These gaps in basic levels of security, despite an awareness of the current internal and external threats amongst APJ SMBs, are driving an increase in security breaches, with the most common causes being system breakdowns and hardware failure, human error and improper or out-of -date security solutions. Lack of budget (41 percent) and employee skills (40 percent) were cited as the main barriers to securing the SMB environment
"Small and medium businesses usually have limited time, money and expertise to secure and manage their information from external and internal threats. Often, more pressing business needs will take precedence over security, backup and recovery for computer and network systems, leaving businesses vulnerable to data and system losses and causing serious damage and business interruption," said Bernard Kwok, Symantec's senior vice president for Asia Pacific and Japan. "By automating key processes such as backup and recovery, endpoint protection and data loss prevention, SMBs can improve cost efficiencies and streamline manageability, giving them more resources and time to focus on their core business."