The use of social networking applications has significantly lowered the security posture for up to 82 percent of organizations in a new survey by the Ponemon Institute and Check Point. Nearly half of the U.K. respondents believe that corporate employees rarely, or never, consider security when using Web 2.0 applications.
The study surveyed 2,100 I.T. and security practitioners located in the U.K., U.S., Australia, France and Japan. It showed that a majority of respondents in the U.K., U.S. and Australia believe employees should be held most responsible for mitigating the security risks associated with using Web 2.0 applications, ahead of information security and corporate IT staff.
However, 49 percent of U.K. IT practitioners believe their organization’s employees lack security awareness when using Web 2.0 applications and rarely, or never consider security issues when downloading content, browsing, uploading files, opening links or engaging in social networking at work. This agreed closely with respondents’ answers from the U.S. and Australia, at 52 percent and 48 percent respectively. In contrast, less than a quarter of respondents in France (22 percent) and Japan (24 percent) felt their users disregard security issues when browsing.
58 percent of the professionals surveyed in the U.K. and Australia said that Web 2.0 applications have a significant or very significant impact on the security posture of their companies. In the U.S. and Japan, the figure is even higher, at 80 percent and 82 percent respectively. However, in France, the level of concern over Web 2.0 security in the workplace appears to be much lower, at 45 percent.
IT administrators cited primarily workplace inefficiencies, malware, data loss and viruses as the main threats caused by insecure use of Web 2.0 applications, such as social networking, blogs and wikis. 43 percent of those interviewed in the U.K. and Australia consider minimizing Web 2.0 security risks as a high or very high priority for their organization, and the vast majority of them feel that the issue should be addressed over the next two to five years. Interestingly, in the U.S. and Japan these figures are even higher.
65 percent of IT administrators in the U.S., and 68 percent in Japan consider Web 2.0 security is a very high or high priority for their company; and a large majority of respondents feel the risks need to be resolved immediately. However, security administrators in France take a different view, with 63 percent considering Web 2.0 security as a low priority.