Companies are becoming more vigilant when it comes to their employees’ use of social networking sites, according to Webroot.
The survey of more than 1,000 businesses from the U.S. and U.K. with up to 500 employees found most (81 percent) have an employee Internet policy. Half (50 percent) say employees are not permitted to visit any social networks via a company computer or laptop.
“Clearly the potential impact of social networks as a threat vector has hit home for IT administrators,” said Gerhard Eschelbeck, CTO of Webroot. “One in six of those we surveyed said a social networking site or Web 2.0 application was the source of an infection or attack and over half of companies said their network was infected with spyware this year. Every company needs to develop a policy for social networking use and should also deploy reliable Web security services for ongoing protection against zero-day threats.”
Just as new variants of the Koobface social networking worm continue to evolve, so are company policies – some have made changes as a result of an employee’s misuse of these sites:
- 42 percent have implemented an Internet use policy as a result of an employee’s inappropriate use of social networking site; more than one-third (34 percent) deployed a Web security product to monitor Internet use and enforce policies
- Four in ten of those polled (39 percent)have an Internet use policy that prohibits employees from visiting Facebook, 30 percent block access to Twitter and 27 percent from video-sharing sites like YouTube
- Two in 10 SMBs (21 percent) only allow employees to visit social networking sites during specific times (lunch break, after work hours, etc.)
- 16 percent grant certain departments (e.g., marketing) permission to visit specific social networking sites.
Concern about threats via social networking sites remains high.
- More than half of those polled (53 percent) say they are very or extremely concerned about malware infections via social networks
- Two out of five (42 percent) are very or extremely concerned about data leakage through social networking sites.
Many SMBs say they were victims of security breaches in 2010.
- Nearly one-third (30 percent) say Web-based threats caused the biggest security headache for them in 2010
- More than one in 10 (12 percent) say sensitive company information has been released via their employee’s use of social networking sites
- 50 percent were victims of a virus or worm; while four in 10 say they experienced a phishing attack this year.