A recently concluded online survey organized by SC Magazine and Symantec has resulted is some curious and some expected results.
When asked to give their opinion on which is the most likely route to malware infection in their organization, the majority of respondents (67.6%) opted for employee use of the web. 28.4% of the survey-takers identified employee use of email as the main vector of infection, while only 3.9% thought that the use of IM was responsible for it.
Blocking of specific URLs is the most favored option when it comes to control employee access to the web – 64.7% of the organizations with which the respondents are employed practice it. 59.8% apply rules based on category of website, 38.% apply rules by users and 20.6% employ time-based rules.
A question (allowing multiple answers) that was aimed to show just how aware the respondents were of the fact that some actions could lead to malware infection, demonstrated that they are quite knowledgeable on the subject. 89.2% believe their computer can get infected by downloading files, 85.3% know that visiting a website could lead to infection, and 84.3% consider following an ad on a website a risky proposition.
66.7% of the respondents think that a user must perform an action on a website (download a file, click a link, etc.) in order to get his system infected, while only 33.3% of them agreed with the opposite statement.