By Doug Allen

Information protection is the highest priority for SMBs’ IT staff today, according to a new Symantec survey. Thats a big change from the last period polled about 15 months ago, which found that a large number of respondents had not implemented even the most basic safeguards. The report, 2010 Global SMB Information Protection Survey, presents responses from 2,152 SMB executives and IT decision-makers across 28 countries, polled last month.

Small and mid-sized organizations are facing increased risks to their confidential information including bank account numbers, credit card information and customer and employee records, said Bernard Laroche, senior director of product marketing at Symantec. Whether its due to a malware attack, a server crash, or a stolen mobile device, loss of information can be highly detrimental, if not fatal for an SMB. A year ago, a Symantec survey found one-third of SMBs did not have the most basic protection of all antivirus protection. It is exciting to see that SMBs acknowledge the risks they face and are taking action to protect their information more completely.

As part of the increased concern over information protection, especially from data loss and cyber attacks, SMBs are now spending an average of $51,000 annually, dedicating two-thirds of IT staff hours to information protection tasks such as computer security, backup, and recovery and archiving. Disaster preparedness is also on the rise; 87 percent of SMBs say they have a disaster preparedness plan in place, although just 23 percent categorize their plan as pretty good or excellent.

SMBs also appear to be increasingly aware of the consequences of critical business information loss, with 74 percent somewhat or extremely concerned about it. Forty-two percent of respondents admit to having had such incidents, which led directly to lost revenue or financial costs such as money or goods.

One of the main threats to SMB information protection is through lost devices. Just under two-thirds of businesses polled admit to losing laptops, smartphones or iPads over the last year, and all of these respondents report owning at least some devices that are not password-protected and do not support remote data deletion in case of theft or loss.

Cyber attacks are the other big pain point for SMBs, with a staggering 73 percent suffering such an attack over the last year. Of these attacks, 30 percent were considered somewhat or extremely successful. All SMBs polled agreed on the severity of cyber threats, citing losses from downtime leading to direct costs such as lost productivity, lost revenue and customer dissatisfaction  as well as business-critical data and personal information on customers and employees.