Lax security leaving networks wide open

Lax firewall security is leaving companies open to the installation of malicious software on their internal networks, a newly published Harris poll has warned.

Fewer than half of companies block executable files from the internet, and the same percentage fail to prevent such software coming in via instant messaging. Some 40 per cent do not even block executables in email, the major cause of virus infections.

"Most organisations already prevent attachments coming in through email," said Geoff Haggart, vice president of Websense, which sponsored the Harris poll.

"However, HTML within emails is frequently left unblocked leaving employees vulnerable to attack from phishers hungry for personal and company data."

The phishing threat was highlighted in the research as a major problem. Over 80 per cent of those questioned indicated that their company had received phishing emails, and 45 per cent said that employees had clicked through to the bogus websites.

Lack of awareness is key to this problem, according to the poll. Two thirds of employees claimed not to know what phishing is, and half of all companies admitted to having no internet security training.