Press Releases

Press Release

Enterprise Security Survey: Network Administrators are Comfortable with Security at Their Organizations, but Concerned About Their Users

  • When asked what keeps them up at night, 43% of network administrators and managers said they "sleep like a baby", while the remaining respondents identified "Users", their "Recovery Plan" (or lack thereof), and "A Security Breach to the Network" as the top three concerns that keep them up at night.
  • Network administrators who work for organizations with more than 20,000 employees indicate that they are less comfortable using technology to monitor individual employee usage of the internet than those who work for organizations ranging in size from 100 to 5,000 employees.
  • Contrary to several recent reports by media and bloggers, a relatively high number of network administrators who work for organizations that have adopted Windows XP indicate that they have completed the installation of Windows XP Service Pack 2. The one exception is organizations with more than 20,000 employees.

BINGHAM FARMS, MI and ALBUQUERQUE, NM, May 24, 2005 /PRNewswire/ — One year ago, in a VanDyke Software-commissioned survey of 335 network/systems administrators and networking managers that asked the survey takers what "keeps them up at night", respondents indicated a lack of insomnia and a hefty amount of complacency. This year, Amplitude Research again surveyed network professionals and their responses indicated a heightened comfort level about their abilities to protect the enterprise—with one caveat. Those who expressed that they are "losing sleep" about security management issues indicated that much of their angst stems not from attacks coming from outside the enterprise, but from employees, who through their ignorance or errors, remain a significant cause of security vulnerabilities.

This year's survey respondents expressed satisfaction with the current security at their organization in such areas as desktop PCs, remote access, physical security, and data centers/server farms, with data centers/server farms scoring the highest satisfaction level at over 70%. In addressing their organization's information security issues, 88% of network administrators indicate that they use internal staff and resources, 10% said they employ a security consultant to advise and assist internal staff, while 2% said they outsource to a managed service provider or consulting firm. Ten percent said they are assembling information security tools from a single source for a turnkey solution, while 81% indicate they mix-and-match from multiple sources.

Those respondents that expressed concerns about their users selected a "failure to adhere to company security policies" (40%) as their most important concern, followed by "insufficient training time or budget" (28%) and "no mandate from top management" (23%). When respondents who indicated that they do not "sleep like a baby" were asked to rank their most important concerns, a "security breach to their network", a "recovery plan" (or lack thereof), and "worrying about the next virus/worm" were the highest ranked.

In this year's survey, network administrators were also asked about their comfort level in using technology to monitor individual employee usage of the Internet. Network administrators who work for organizations with more than 20,000 employees indicate that they are less comfortable using technology to monitor individual employee usage of the internet than are network administrators who work for organizations ranging in size from 100 to 5,000 employees. Only 37% of respondents who work for organizations with more than 20,000 employees indicate that they were "somewhat comfortable" or "very comfortable" with monitoring, with respondents who work for enterprises ranging in size from 250 to 5,000 employees indicating comfort levels of 50% or more.

Commented Steve Birnkrant, CEO of Amplitude Research: "This year's survey responses pointed toward a sentiment among network administrators and networking managers that they are generally satisfied with the level of security at their organizations, and are focused on issues such as security breaches, securing remote access, recovery plans, and virus or worm outbreaks. Overall, network administrators expressed significantly higher levels of satisfaction with security at data centers and with desktop PCs than the use of wireless LANs, handheld devices, laptops, or the physical security at their workplace."

Commented Jeff P. Van Dyke, president of VanDyke Software, which provides a number of solutions to enterprises for data protection and commissioned the Amplitude Research surveys: "The human element continues to be a primary cause for concern to network administrators. We hear about individuals who have been burned by phishing scams, an employee who leaves his or her laptop at an airport, or on-the-go professionals who log on to the internet via a less-than-secure-but-available wireless network. What this year's survey responses indicate are that network administrators and managers feel that they're comfortable with their performance in managing technology and solutions to protect their networks and data. It's also appears that they generally have neither the mandate from top management nor sufficient budgets to train employees in proper security awareness and practices."

Survey Findings

In last year's survey, slightly less than half of the respondents indicated that the budget at their organization was sufficient to support current information security needs, as compared to 52% this year.

Respondents were asked to identify the external event that has had the greatest impact on their information security plans. The results for 2004 and 2005 were similar with 10% in 2005 identifying Homeland Security, 18% selecting legislative drivers such as the Health Insurance Portability and Accountability Act (HIPAA), Sarbanes Oxley Act (SOX), and the Graham-Leach-Bliley Privacy Act (GLB), and 37% identifying customer/vendor, partner requirements.

48% of the respondents indicate that their organization uses the Secure Shell (SSH) protocol, up from 43% last year. While the current SSH2 protocol is significantly more robust and secure than the original SSH1 version, there is only a small percentage increase in network administrators who indicate that they are using SSH2 protocol versus SSH1. Network administrators who work for organizations ranging in size from 250 to 4,999 employees indicate a more significant shift to using SSH2 in 2005 than 2004.

50% of the respondents indicate a comfort level with monitoring individual employee usage of the internet, with 29% of respondents working for companies with internet usage policies identifying the use of technology (hardware or software) as the primary method of implementing their organization's policy. Rules based solutions, server log analytics, and dedicated monitoring solutions were the most widely used solutions, with few respondents indicating use of keystroke loggers.

To obtain an executive summary of the survey commissioned by VanDyke Software, contact Krems Public Relations at krems@kremspr.com. KremsPR can also be contacted by media looking for further comments/analysis on the survey from Marc Orchant, PR & Marketing Manager at VanDyke Software. The survey of network administrators and network managers was conducted over a 5-day period from April 26 to April 30, 2005 and had overall 280 responses with a margin of error of 5.82% at a 95% confidence level. Thirty-eight percent of the survey respondents have worked in IT for five to ten years, with 49% having worked in the industry for more than 10 years. All different size employers were represented in the study with 28% of the respondents working for organizations with less than 100 employees, 30% working for organizations with 100 to 1,000 employees, 18% working for organizations with 1,000 to 5,000 employees, and 24% working for organizations with more than 5,000 employees.

ABOUT AMPLITUDE RESEARCH, INC.

Based in Bingham Farms, Mich., Amplitude Research® (www.amplituderesearch.com) is a full-service survey research organization with blue chip clients located throughout the United States and Canada. Amplitude uses proprietary survey technologies, experienced professional services, and advanced statistical analysis to deliver Loud and Clear(TM) survey results. Through its robust online panel of IT professionals and U.S. consumers, and extensive use of timers and re-screening on its proprietary platform to filter the response data, Amplitude provides its clients with high-quality feedback on technology and consumer related subjects.

ABOUT VANDYKE SOFTWARE, INC.

VanDyke Software is a worldwide leader in secure, standards-based internet communications software. The company develops quality data access, file transfer, and communications software for internet and intranet use by corporations, government, and education. VanDyke sells and distributes its software over the internet, offering 30-day evaluation of its products prior to purchase, and has more than one million registered users in over 100 countries. For more information about VanDyke Software, visit the company's web site at www.vandyke.com.

Customer Testimonials

  • "Thanks for the new feature and for the notification that it had been added — I don't really know of any other developer that notifies people who have given feedback like you guys do. That makes for very happy customers."

    —Burt Heymanson, SecureCRT Customer

  • "I would like to thank you for the amazing quality of service and SecureCRT support you give to us."

    —Anton Starovoytov, Solarix Networks, SecureCRT Customer

  • "Thank you for a great release! I've been actively using SecureCRT for many, many years and it's simply the best SSH client in existence!"

    —Rich Tricoche, SecureCRT Customer

Read more about VanDyke customers

VanDyke Software uses cookies to give you the best online experience. Before continuing to use this site, please confirm that you agree to our use of cookies. Please see our Cookie Usage for details.