News 

Remote access, wireless networks and PDAs maybe on the wish list for many businesses, but they are often being deployed without appropriate security provisions, according to the DTI's 2004 Information Security Breaches Survey.

'Many of those who want remote access appear to be the least aware of the additional risks it entails and/or are senior people in the organisation and have the power to authorise it,' said Andrew Beard, the PricewaterhouseCoopers advisory director leading the survey.'

Today, around a third of UK businesses have deployed wireless networks, compared

ADVERTISEMENT

with 2 per cent in 2002. Likewise, 86 per cent of large businesses in the UK offer remote access, compared with 71 per cent for 2002.

But in the rush to new technologies, security has been put on the backburner. Of those companies with wireless networks, 8 per cent reported attempts to gain access through them and 23 per cent said they had no idea whether anyone was probing their network via wireless access. Indeed just 20 per cent turn on Wired Equivalent Privacy (WEP) controls to protect network traffic.

'Businesses seem to be dragging their feet when it comes to introducing security controls over remote access to their systems... the majority of companies do not analyse their security incidents in a way that enables them to identify which are caused by remote access,' added Beard. 'Awareness of the available security techniques is poor, leading to inappropriate security controls being deployed.'

More than half the UK businesses that deploy PDAs have no security provisions in place to protect the data on them. And those companies that offer remote access often use the same password controls to log on to the network as are used within the office.