Press Releases

Press Release

Bigger Getting Better in '06: Year-to-Year IT Security Survey Spotlighting Best Practices in Intrusion Defense Shows Lower Percentage of Enterprises With More Than 10,000 Employees Report Network Intrusions in Past Two Years

BOCA RATON, FL and ALBUQUERQUE, NM, November 8, 2006/MarketWire/ — According to an Amplitude Research® survey of IT security professionals commissioned by VanDyke Software®, 41% of respondents from large enterprises with over 10,000 employees noted their organization's network had been the victim in the last two years of a successful intrusion by a hacker or other unauthorized person – down from 47% in an Amplitude Research-executed survey commissioned by VanDyke the year before. However, 41% of large enterprise respondents also indicated that in the past two years there had been a successful intrusion to the organization's servers, up from 39% in last year's survey.

Meanwhile, small enterprises showed significant tactical improvement in their intrusion defense efforts, as organizations with less than 100 employees reported increased security monitoring of user machines and/or office networks (84% in 2006 versus 69% in 2005), and increased monitoring of servers (83% in 2006 versus 71% in 2005).

Amplitude Research conducted this year's study on behalf of VanDyke Software over a two-day period from October 25th to October 26th, 2006. There were 350 survey respondents resulting in a margin of error of 5.19% at a confidence level of 95%. Qualifying survey respondents were within one of the following job titles/job functions in the IT industry: CEO/President of Tech Company; CIO/CTO; IT Manager; Director of Networking/Network Manager/System or Network Administrator; VP/Director MIS/MIS Manager; and VP/Director of Information Technology. Respondents' average years of service in the IT industry was greater than 10 years, with 46% having worked in the industry for more than 10 years.

Below are some other key findings of this year's survey:

• Overall, 88% of all of the respondents reported that their organization has anti-virus software installed on the office network. However, for organizations with 100 to 999 employees, there was a statistically significant decline in the use of anti-virus software with close to 18% reporting "No" installation, an increase from 8% in 2005. Similarly, there was a decline in 2006 reported by this group with regard to taking steps to "lock down" user machines and/or the office network (86% in 2006 versus 93% in 2005).
• The 2006 results indicate a 10% increase (versus 2005) in the use of port scanners to locate out-of-policy services on the network (48% versus 38%).
• The 2006 results indicate a 10% decrease (versus 2005) in the use of a network analyzer (e.g., Microsoft Baseline Security Analyzer) to lock down servers (43% versus 53%).
• Overall, organizations are using the following solutions to meet the challenges of intrusions to office machines and/or office networks (2005 results are reported in the parenthesis):
  • 87% installed a network firewall (92%)
  • 57% installed a user-based firewall (51%)
  • 54% turned off nonsecure protocols like Telnet or FTP (53%)
  • 50% implemented WiFi security (42%)
  • 48% use a network analyzer (54%)
  • 48% use a port scanner to locate out-of-policy services on the network (38%)
  • 47% installed an Intrusion Detection System (52%)
  • 43% set up a DMZ (40%)
  • 1% stated "other" (4%)

Trade Magazines Overtake Security-Related Web Sites This Year For Where Enterprises Are Finding Their Information About Security Best Practices

According to this year's survey, the top sources for IT Security Best Practices were:

• Trade Magazines (68%)
• Security-Related Web Sites (67%)
• Conferences (55%)
• Training Courses From Professional Organizations (54%)
• Online Discussion Forums (51%); and
• Newsletters (43%).

Last year Security-Related Web Sites held the top ranking at 69%.

More Findings from the Survey Available
An executive summary of the findings of the Amplitude Research survey commissioned by VanDyke Software reveals other statistics on matters such as how enterprises lock down individual computers, office networks, and office servers; how frequently these methods are used; and the methods of deploying Windows updates and patches. To obtain an executive summary of the survey results along with a full report, contact Krems Public Relations at krems@kremspr.com. KremsPR can also be contacted by media looking for further comments/analysis on the survey from Steve Birnkrant, President and CEO of Amplitude Research, or Jeff P. Van Dyke, President and CEO of VanDyke Software.

ABOUT AMPLITUDE RESEARCH, INC.
Based in Boca Raton, Fla., Amplitude Research (www.amplituderesearch.com) is a full-service survey research organization with blue chip clients located throughout the United States and Canada. Amplitude uses proprietary survey technologies, experienced professional services, and advanced statistical analysis to deliver Loud and Clear™ survey results. Through its robust online panel of IT professionals, business executives, and U.S. consumers, and extensive use of timers and re-screening on its proprietary platform to filter the response data, Amplitude provides its clients with high-quality feedback on technology, business, and consumer related subjects.

ABOUT VANDYKE SOFTWARE, INC.
IT professionals who are responsible for network administration and end-user access where security is critical rely on VanDyke Software's rock solid and easy to configure software. The company develops secure, standards-based data access, file transfer, and communications software for internet and intranet use by corporations, government, and education. VanDyke Software consistently delivers accurate, responsive support, and addresses its customers' evolving needs with timely product enhancements. VanDyke offers a fully-supported 30-day evaluation of its products prior to purchase. For more information about VanDyke Software, visit the company's web site at www.vandyke.com.