New research commissioned by Webroot, the first Internet security service company, shows companies are becoming more vigilant when it comes to their employees' use of social networking sites. The survey of more than 1,000 businesses from the United States and United Kingdom with up to 500 employees found most (81 percent) have an employee Internet policy. Half (50 percent) say employees are not permitted to visit any social networks via a company computer or laptop.
"Clearly the potential impact of social networks as a threat vector has hit home for IT administrators," said Gerhard Eschelbeck, CTO of Webroot. "One in six of those we surveyed said a social networking site or Web 2.0 application was the source of an infection or attack and over half of companies said their network was infected with spyware this year. Every company needs to develop a policy for social networking use and should also deploy reliable Web security services for ongoing protection against zero-day threats."
Just as new variants of the Koobface social networking worm continue to evolve, so are company policies - some have made changes as a result of an employee's misuse of these sites:
- 42 percent have implemented an Internet use policy as a result of an employee's inappropriate use of social networking site; more than one-third (34 percent) deployed a Web security product to monitor Internet use and enforce policies;
- Four in ten of those polled (39 percent)have an Internet use policy that prohibits employees from visiting Facebook, 30 percent block access to Twitter and 27 percent from video-sharing sites like YouTube
- Two in 10 SMBs (21 percent) only allow employees to visit social networking sites during specific times (lunch break, after work hours, etc.)
- 16 percent grant certain departments (e.g., marketing) permission to visit specific social networking sites
Concern about threats via social networking sites remains high.
- More than half of those polled (53 percent) say they are very or extremely concerned about malware infections via social networks
- Two out of five (42 percent) are very or extremely concerned about data leakage through social networking sites
Many SMBs say they were victims of security breaches in 2010.
- Nearly one-third (30 percent) say Web-based threats caused the biggest security headache for them in 2010
- More than one in 10 (12 percent) say sensitive company information has been released via their employee's use of social networking sites
- 50 percent were victims of a virus or worm; while four in 10 say they experienced a phishing attack this year
Webroot's portfolio of security services for businesses includes Webroot® Web Security Service, which provides URL and web content filtering, plus protection against Web-based malware threats for on-site and mobile employees; and Webroot Email Security Service, which delivers advanced protection against spam, viruses and data loss. Both solutions are designed to provide businesses with enterprise-class security with better manageability, better value and better protection than on-premise security solutions.
About the Research
Between October 29 and November 3, 2010, Webroot sponsored an online survey of businesses with 500 and fewer employees. Invitations to participate were emailed by e-Rewards to panel members in the United Kingdom and the United States. Respondents qualified for the survey if they were purchase decision makers for email or Web security. At the 95 percent confidence level the margin of error is ±3.0 percentage points for the full sample of 1,087 respondents, ±3.6 points for the US sample of 751 and ±5.4 points for the UK sample of 336.