Global Computer Security Study Reveals Employees Take Unnecessary Risks

Business Wire, June 5, 2007

Employers Need to Implement Consistent, Multilayered Approach to Security

SCOTTS VALLEY, Calif. -- SurfControl (LSE:SRF), the leading provider of global on-demand, network and endpoint IT security solutions, today released an international Trust & Risk in the Workplace Study, conducted by Dr. Monica Whitty of Queen's University Belfast. The study surveyed 1000 mobile and desktop employees across five countries - the United States, Australia, the Netherlands, Singapore, and the United Kingdom - on the risks taken over company networks. The study demonstrates that employees in all regions take security risks, and mobile users take more risks than desktop users.

The study also found that across all activities surveyed, laptop users took more risks than their deskbound colleagues and some laptop users access the Internet through potentially insecure networks. According to the study, two thirds use wireless hotspots.

"Almost two thirds of our sample would blame their employer if confidential data was stolen from their work computers," Whitty said. "Given that security breaches and careless mistakes can lead to the loss or theft of confidential information, employers should be cautious when it comes to protecting confidential data."

"Businesses cannot afford to think that out of sight is out of mind," said Dr. Richard Cullen, chairman of SurfControl's global technology strategy council. "This research highlights the importance of applying a consistent security strategy across all employees, regardless of where or how they access the corporate network."

The risky activities studied include using USB keys, instant messaging, downloading music and sending confidential information via email. All of these activities have the potential to introduce unwanted content to the network, expose confidential information or compromise legal liability.

The first step to security for organizations worldwide is ensuring that the corporate usage policy is current and relevant to both desktop and mobile users, and that employees understand the importance of the guidelines in place. By layering security solutions across multiple network entry points, organizations can deflect malicious and unwanted content while also exercising granular control of employee usage policies.

Please visit the following link for access to the complete study: http://www.surfcontrol.com/default.aspx?id=491&mid=32

About SurfControl

SurfControl provides a portfolio of security solutions to protect our customers from Internet threats, deliver business and regulatory compliance, and enable business continuity. SurfControl believes that security should be treated as a science, delivering protection at multiple points -- "in the cloud" with on-demand security services, on the network with software and appliances, and on the desktop and mobile client. All of SurfControl's solutions for Web, e-mail and endpoint security are backed by industry-leading threat detection technologies, delivered by SurfControl's Global Threat Experts who work 24/7 to provide customers with dynamic zero-day protection. The company protects more than 16 million users and over 25,000 customers worldwide, and employs more than 600 people in offices across Europe, the Americas, and Asia/Pacific. For further information and news on SurfControl, please visit www.surfcontrol.com.

About the Trust & Risk in the Workplace Study

Conducted by Dr Monica Whitty at the School of Psychology at Queen's University Belfast, the Trust & Risk in the Workplace Study researched security risks and responsibility in the United States, United Kingdom, Australia, The Netherlands and Singapore. The survey was mailed to randomly selected individuals who were invited to participate voluntarily. The number of respondents was 1058, 20% from the United States, 19% United Kingdom, 20% Australia, 21% The Netherlands and 20% Singapore.