The survey, undertaken for GFI Software by Opinion Matters, shows that many small businesses do not have smoothly running and functioning security defenses, with the result that administrators are forced to spend more time than should be necessary simply managing the security system rather than the company system. For example, 27% of the admins admitted to not running the same antivirus solution with the same license renewal date on all company PCs, and 33% do not have a centrally managed antivirus solution. As a result of this, 51% of the respondents spend at least 10 hours every month manually updating their antivirus software and/or removing malware from their users’ PCs. And a similar figure wouldn’t bet their own money that their systems are currently free of malware.
Many of these small business admins see a solution lying in the cloud. Seventy-eight percent of the respondents would be interested in a web-based service that enables them to manage antivirus protection on company PCs; but far fewer currently make much use of the cloud at all. Indeed, 28% said that none of their IT applications are delivered from the cloud, while a further 28% said that less than a quarter of their applications are cloud-based.
The main reasons for low cloud usage are considered to be a lack if in-house expertise, concerns over third-party control over company data, and the traditional worry about security in the cloud.
However, if the problems could be solved, and if they no longer had to spend time manually managing antivirus software and identifying and repairing server and workstation failures, the most important IT tasks they would pursue include backing up data, files and systems; cleaning up database files, disks and servers; upgrading programs, software and hardware; developing, designing and maintaining company websites; and converting to cloud-based services. In other words, with better rationalized anti-virus and more effective use of the cloud, the respondents would be able to revert to their traditional status as system administrators rather than security administrators.