Half of SMBs Ban Facebook At Work

Fifty percent of SMBs in the UK and US ban their staff from accessing social networking websites, a Webroot survey has revealed

Despite the ever increasing popularity of social networking, small to midsize businesses (SMBs) are becoming increasingly vigilant about their staff accessing those sites.

So found research commissioned by Internet security specialist Webroot. The survey of more than 1,000 businesses from the United Kingdom and United States with up to 500 staff found most (81 percent) have an staff Internet policy.

And half (50 percent) said staff are not permitted to visit any social networks via a company computer or laptop.

Increasing Vigilance

The report found just as new variants of the Koobface social networking worm continue to evolve, so are company policies – some have made changes as a result of an employee’s misuse of these sites: 42 percent have implemented an Internet use policy as a result of an employee’s inappropriate use of a social networking site, and more than one-third (34 percent) deployed a web security product to monitor Internet use and enforce policies.

Four in 10 of those polled (39 percent) have an Internet use policy that prohibits employees from visiting Facebook, while 30 percent block access to Twitter and 27 percent prohibit access to video-sharing sites like YouTube.

Two in 10 SMBs (21 percent) allow employees to visit social networking sites only during specific times (lunch break, after work hours, etc.), and 16 percent grant certain departments (for example marketing) permission to visit specific social networking sites.

Security Concerns

“Clearly the potential impact of social networks as a threat vector has hit home for IT administrators,” said Gerhard Eschelbeck, CTO of Webroot. “One in six of those we surveyed said a social networking site or Web 2.0 application was the source of an infection or attack, and over half of companies said their network was infected with spyware this year. Every company needs to develop a policy for social networking use and should also deploy reliable Web security services for ongoing protection against zero-day threats.”

The report also found that concern about threats via social networking sites remains high. More than half of those polled (53 percent) said they are very or extremely concerned about malware infections via social networks, while two out of five (42 percent) said they are very or extremely concerned about data leakage through social networking sites.

Data Loss

Nearly one-third (30 percent) say web-based threats caused the biggest security headache for them in 2010, and more than one in 10 (12 percent) say sensitive company information has been released via their employees’ use of social networking sites.

Half of those surveyed said they were victims of a virus or worm, while four in 10 said they experienced a phishing attack this year.