Browser Security FAIL

New survey report shows businesses are not adopting best security practices for their users Web activity.

Its no surprise to learn businesses are worried about cybersecurity, especially after another big year of data breaches and cyberattacks. Even so, most organizations dont take basic steps towards securing the browser - one of the prime vectors of attack.
Authentic8 surveyed 250 business pros in the US to learn about top-of-mind security concerns, personal browsing behavior, and corporate browsing policies. Researchers learned there is a knowledge gap in protecting employees and businesses, says founder and CEO Scott Petry.
The browser is a ubiquitous dashboard for business functions, Web apps, personal activity like banking and healthcare, etc., Petry explains. Its also become the biggest source of vulnerability in terms of information theft, identity theft, and malicious exploits.
Enterprise security strategies have not evolved to meet business needs. When asked about corporate browsing policies, 26% of respondents say they dont have a policy in place; 36.5% have a policy that allows personal Web activity within reason, and 21% have a policy that blocks most personal Web activity like social media.
Only 6% have a strict Web policy that blocks personal Web access. Ten percent answered the question with I dont know, which Petry admits was a concerning trend across all survey results.
The amount of people who said I dont know suggests a naiveté that may be a bit scary, he says. This suggests user education is a big gap, which isnt a surprise but a disturbing statistic.
When asked about the most concerning online threats, the respondents cited identity theft (80%), stolen credit card data (79%), viruses and malware aside from malware (75%), and phishing or password theft (66.5%).
Petry says these results are characteristic of the surveys target audience, which was comprised of businesspeople and not IT or security pros. Respondents cite greater concern for personal issues like credit card theft; however, less than half (47%) listed ransomware, a sign they dont have business assets at top of mind.
Unlike stolen credit card data, ransomware puts all employee information at risk, and it doesnt use anything technically innovative to do it. Business pros may not know what ransomware is, Petry admits, and this is a concern.
Once ransomware is on your system, it does some interesting things, but it gets there by the same process, he explains. The user clicks a link, the browser downloads code and executes it. There is no new class of exploit, and the fact that more people arent aware is surprising, he says.
The most consistently disturbing aspect of the survey was the issue of password misuse, and the cavalier nature with which people protect their accounts and data.
Most respondents (60%) claimed to use the same passwords across different websites when its not important. Eighteen percent claimed to do this all the time and only 24% said they never use the same password twice.
This is an education problem, and IT needs to think about employee instruction as more formal process. Companies investing in this, and making users smarter about online activity, is an important pillar in security. Regular updates for firewalls and anti-virus programs arent enough to protect businesses in an increasingly connected world, Petry cautions.
Related Content:
Corporations Cite Reputational Damage As Biggest Cyber Risk
Biometric Technology Is Not A Cure-All For Password Woes
Cybersecurity Readiness Confidence Declined In 2016

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Browser Security FAIL