Webroot Research Shows Half of SMBs Block Employee Access to Facebook

Internet Security Service Provider Reveals how Social Networking has Impacted SMB Security in 2010

Boulder, Colo., November 15, 2010

New research commissioned by Webroot, the first Internet security service company, shows companies are becoming more vigilant when it comes to their employees' use of social networking sites. The survey of more than 1,000 businesses from the United States and United Kingdom with up to 500 employees found most (81 percent) have an employee Internet policy. Half (50 percent) say employees are not permitted to visit any social networks via a company computer or laptop.

"Clearly the potential impact of social networks as a threat vector has hit home for IT administrators," said Gerhard Eschelbeck, CTO of Webroot. "One in six of those we surveyed said a social networking site or Web 2.0 application was the source of an infection or attack and over half of companies said their network was infected with spyware this year. Every company needs to develop a policy for social networking use and should also deploy reliable Web security services for ongoing protection against zero-day threats."

Just as new variants of the Koobface social networking worm continue to evolve, so are company policies - some have made changes as a result of an employee's misuse of these sites:

  • 42 percent have implemented an Internet use policy as a result of an employee's inappropriate use of social networking site; more than one-third (34 percent) deployed a Web security product to monitor Internet use and enforce policies;
  • Four in ten of those polled (39 percent)have an Internet use policy that prohibits employees from visiting Facebook, 30 percent block access to Twitter and 27 percent from video-sharing sites like YouTube
  • Two in 10 SMBs (21 percent) only allow employees to visit social networking sites during specific times (lunch break, after work hours, etc.)
  • 16 percent grant certain departments (e.g., marketing) permission to visit specific social networking sites

Additional Findings:
Concern about threats via social networking sites remains high.

  • More than half of those polled (53 percent) say they are very or extremely concerned about malware infections via social networks
  • Two out of five (42 percent) are very or extremely concerned about data leakage through social networking sites

Many SMBs say they were victims of security breaches in 2010.

  • Nearly one-third (30 percent) say Web-based threats caused the biggest security headache for them in 2010
  • More than one in 10 (12 percent) say sensitive company information has been released via their employee's use of social networking sites
  • 50 percent were victims of a virus or worm; while four in 10 say they experienced a phishing attack this year

Webroot's portfolio of security services for businesses includes Webroot® Web Security Service, which provides URL and web content filtering, plus protection against Web-based malware threats for on-site and mobile employees; and Webroot Email Security Service, which delivers advanced protection against spam, viruses and data loss. Both solutions are designed to provide businesses with enterprise-class security with better manageability, better value and better protection than on-premise security solutions.

About the Research
Between October 29 and November 3, 2010, Webroot sponsored an online survey of businesses with 500 and fewer employees. Invitations to participate were emailed by e-Rewards to panel members in the United Kingdom and the United States. Respondents qualified for the survey if they were purchase decision makers for email or Web security. At the 95 percent confidence level the margin of error is ±3.0 percentage points for the full sample of 1,087 respondents, ±3.6 points for the US sample of 751 and ±5.4 points for the UK sample of 336

ABOUT WEBROOT

Webroot is bringing the power of software-as-a-service (SaaS) to Internet security with its suite of Webroot® SecureAnywhere™ offerings for consumers and businesses. Webroot also offers security intelligence solutions to organizations focused on cyber-security, such as Palo Alto Networks, F5, Corero, Juniper, and others. Founded in 1997 and headquartered in Colorado, Webroot is the largest privately held Internet security organization based in the United States. For more information, visit http://www.webroot.com or call 800.772.9383. Read the Webroot Threat Blog: http://blog.webroot.com. Follow Webroot on Twitter: http://twitter.com/webroot.

©2013 Webroot Inc. All rights reserved. Webroot, SecureAnywhere, and Webroot SecureAnywhere are trademarks or registered trademarks of Webroot Inc. in the United States and other countries.

Copyright 2004 - 2013 Webroot Inc.

1 Online survey fielded April 26 and April 27, 2010 with 505 US Web and email security decision-makers in companies with 10 to 999 seats. The survey was commissioned by Webroot and conducted by e-Rewards. The margin of error is ±4.4 percentage points. *p<.05 indicates a significant difference at the .05 level and **p<.01 indicates a significant difference at the .01 level. NSD=No Significant Difference.