Many IT Managers Don't Use Security Software After All

from the that's-one-strategy... dept

Earlier this week, we pointed to a report saying that security holes in security software could be one of the biggest threats facing computers going forward. Well, now it appears that some IT managers have taken a strategy against such vulnerabilities by just not using security software: "29% don't use anti-spam software, 34% don't use anti-spyware software, 4% don't use anti-virus software and 9% don't have Internet firewalls."
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    dorpus, 22 Jun 2005 @ 6:11am

    A world of accidents

    Where we place resources on security issues is a matter of value systems. A pedestrian is 10 times as likely to get injured as a car driver, assuming you don't die first from falling telephone poles, break your neck on a wet stairway, get electrocuted while typing (because your toe touches the outlet), accidentally strangle yourself in bed, have a truck come through your wall, have a neighbor's TV set fall out of the sky on your head, get impaled by a falling tree branch, die of food poisoning from an ice coffee, have a tiger appear in your bedroom closet and kill you (escaped from the zoo), have a polar bear come out from under your bed, or have a passer-by's umbrella accidentally cut your carotid artery and make your neck spray a fire hydrant of blood, dying 10 seconds later.

    But of course, we are 10 times more likely to spontnaeously develop a disability than die accidentally. We are extremely likely to develop at least one disability before we die, to go deaf from listening to too much loud music, go blind from glaucoma, become clinically psychotic from Huntington's disease, require the use of a wheelchair, develop diabetes and get at least one foot amputated, develop acid reflux that makes us puke hot acid all over everything, develop a tumor in our nose that requires the nose to get amputated, develop blood clotting disorders that make us go around with black-and-blue skin, acquire a staph-A infection that requires extensive amputations, spontaneously develop multiple sclerosis despite no such family history, or a million other debilitating medical conditions, for which medical science currently has no cures.

    link to this | view in chronology ]

    • identicon
      Michael Vilain, 22 Jun 2005 @ 6:36am

      Re: A world of accidents

      Dorpus, I think you have it bass-ackwards. Not surprising, given some of your comments here. As a former Unix admin, I was only as good as my last backup. I don't know where the OP got their information, but even back in 1995, the IT managers I worked with took corporate security very seriously.

      Granted, it's a balancing act. Do you let a marketing weenie have a hole in the firewall for a tradeshow presentation? Do you filter out all email attachments coming in or set-up the virus scanner to stuff such emails into an "UNTRUSTED" folder for each user?

      I can't imagine an IT manager staying in the field or even in a job for very long if they don't think about data security first and foremost.

      link to this | view in chronology ]

      • identicon
        dorpus, 22 Jun 2005 @ 6:44am

        Re: A world of accidents

        I used to be a unix admin too, at a world-class science lab, Fortune 500 companies, ISP's, among others. Most data loss occurred from people deleting their own files. It was a matter of utility vs. cost -- sure, you could build some bulletproof fortress, but if it takes people hours to perform simple tasks because they have to go through elaborate authorizations, then it's not worth it. Admins who obsess over security, without listening to the needs of other users, don't keep their jobs very long either. In the end, most people didn't care if a unix system crashed out and all the data was lost -- it meant job security for programmers.



        link to this | view in chronology ]

        • identicon
          Michael Vilain, 22 Jun 2005 @ 7:10am

          Re: A world of accidents

          I can see why you're not a Unix admin any longer. Yes, it's a balancing act. Users are there to _use_ a computer system. I'd take the backups daily and check logs every morning over news and coffee. Something that gets wedged _today_ is the user's problem. That hole in the firewall is not my call. I let higher-ups decide the risk/benefit analysis. A marketing person with a modem on their PC, connected to a regular phone line, and on the network--there's a real security threat. Again, if their boss says "Let them have it.", it's not my call. I just make sure they know they're opening up a back door into the network and document it. I also think that business tends to be less tolerant of downtime and data loss--it cost them money and uptime was reported monthly up the chain to the CEO.

          Having had a boss that obsessed over ISO 9001 compliance, endless documentation of process and procedures, change control, and hearing he was canned a month after I left, I can see where being percieved as a barrier to getting things done (even though change is not a good thing in a complex environment). Again, I was just a minion, not a decision maker. We never did make even 3 nines 5 uptime in the datacenter.

          link to this | view in chronology ]

          • identicon
            dorpus, 22 Jun 2005 @ 7:23am

            Re: A world of accidents

            Yeah, ISO 9001 compliance, "six sigma", endless documentation of process and procedures, change control, I remember that late 90s shit.

            I'm not a unix admin anymore, for the same reason that being a plumber or truck driver is an unattractive career: important work that gets no respect. The medical world is full of sloth and inefficiency, but receives god-like respect from most people.


            link to this | view in chronology ]

    • identicon
      Mattb, 22 Jun 2005 @ 7:38am

      Re: A world of accidents

      Can this site please develop a feature that blocks/filters comments from certain users. I myself get tired of the inane comments by dorpus.

      link to this | view in chronology ]

      • identicon
        dorpus, 22 Jun 2005 @ 7:43am

        Re: A world of accidents

        Mike doesn't know shit about computers, so Techdorp will have to keep running on Slashdot code from 1995.

        link to this | view in chronology ]

        • identicon
          Ivan Sick., 22 Jun 2005 @ 2:13pm

          Re: A world of accidents

          dorkus,
          1. What does somebody getting impaled by an umbrella have to do with poor network security?
          2. What impact would Mike have on techdorp? Wouldn't that be your site, meaning you choose how it's written?
          3. This site might be based on "Slashdot code from 1995", but it works, right? Nice and simple, short page loads, and no need to use bugmenot. Perfect.

          link to this | view in chronology ]

          • identicon
            dorpus, 22 Jun 2005 @ 6:12pm

            Re: A world of accidents

            I just find it amusing that, in an industry that is always talking about "overnight obsolescence", "vertical learning curves", and "keeping your skills up to date", here are techies defending this stone-age website.

            link to this | view in chronology ]

            • identicon
              any moose cowherder, 23 Jun 2005 @ 2:26am

              Re: A world of accidents

              there are those that talk & those that do. you do a lot of talking dorpus and seem easily amused.

              if it aint broke, dont fix it.

              link to this | view in chronology ]

            • identicon
              eeyore, 23 Jun 2005 @ 5:24am

              Re: A world of accidents

              Feel free to leave anytime, Dorpus. We promise not to miss you.

              link to this | view in chronology ]

      • identicon
        Anonymous Coward, 22 Jun 2005 @ 4:10pm

        Re: A world of accidents

        "Can this site please develop a feature that blocks/filters comments from certain users. I myself get tired of the inane comments by dorpus." I'd like to second that emmotion.

        link to this | view in chronology ]

  • identicon
    Alex Moskalyuk, 22 Jun 2005 @ 9:05am

    That's me, at home

    People who don't run security software have as much fun admitting it as admitting alcoholism, but I don't run security software *on a permanent basis*. I don't download anything I don't trust off the Internet and I always keep that XP box patched off WindowsUpdate.

    Once a month or so I'd go to http://housecall.trendmicro.com to do a virus scan, once a week I'd run SpyBot with all the latest updates. Believe it or not, not a single virus or serious spyware (cookies don't count).

    link to this | view in chronology ]

  • identicon
    skebo, 22 Jun 2005 @ 10:35am

    work now or work later

    Pay now or pay later. I'd rather do the work now to protect my systems by running anti-virus/spam/spyware software and preventing a problem that will need to be fixed later if I don't run these apps. When you have drones opening every attachment they receive it's just smart to filter out the obviously bogus virus laden spam. Especially, when many of today's tools have such a low rate of false positives and they need very little configuration out of the box.
    Nothing causes more distruption than a virus replicating all over your network. Those man hours lost by the infected system's owner and the IT guy that has to fix them is $$$. $$$ that would be better spent up-front to prevent the disruption in the first place.

    link to this | view in chronology ]

  • identicon
    me, 23 Jun 2005 @ 4:37pm

    No Subject Given

    It just might be reasonable. They will not click on suspicious attachments etc

    link to this | view in chronology ]

  • identicon
    Dan Matthews, 12 Jun 2006 @ 9:30am

    business finicial schooling

    Aveta Solutions – Six Sigma Online offers online six sigma training and certification classes for lean six sigma, black belts, green belts, and yellow belts. Payment Plans available.

    link to this | view in chronology ]

  • identicon
    Mark, 18 Jan 2010 @ 6:56am

    How big are these companies?

    I think we need to know the size of the businesses involved in this poll if we are to glean anything from the numbers. I mean, most small businesses under 10 employees don't have a dire need for full protection, where as some companies would be absolutely rolling the dice by going without complete security software protection up and down. It just depends on the size and type of business involved..

    link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.