IT security in SMEs criticised

In the context of the current discussion about industrial espionage the German Association of Information Management, Telecommunication and New Media (BITKOM) laments a lack of a thought-out IT security strategy in most small and medium-sized entities (SMEs). Even though many entrepreneurs consider their business secrets to be safe, current reports on foreign hackers attacking German SMEs show a different picture, says BITKOM.

According to BITKOM, the initiative for the implementation of an IT security strategy should exclusively come from business management. »Only if business management sends a clear signal and truly supports the new strategy, will employees follow suit«, says BITKOM vice president Mr. Heinz-Paul Bonn.

If a company has available an expert on IT security issues, this person should also be in charge of the observation of security guidelines. In this respect there are standards available as, for instance, the Grundschutzhandbuch des Bundesamts für Sicherheit or the British Standard BS 7799. Everyone not disposing of inhouse expert knowledge should consult external service providers. An outline of security standars is provided by the BITKOM »Kompass IT-Sicherheitsstandards« guide. GERMAN