Date

Search News

Archive Crawler
India Asia Middle East Australasia Europe N.America S.America Africa
Finance Personnel Hardware Software Gaming Internet Telecom General
Home
PR Newswire
Business Wire India
RealWire
Finance
Personnel
Hardware
Software
Gaming
Internet
Telecom
General
Features
Globe Newswire
BizWire Express
Tech
-n-
Trivia


Google Custom Search
Click here for Free Industry Resources!
New Survey Reveals a Dangerous Gap in Corporate Social Media Security
IT News Online Staff
2011-10-19

According to a survey conducted by the Ponemon Institute and sponsored by content security provider Websense Inc., there is a dangerous gap in corporate social media security. 63% of more than 4,000 respondents in 12 countries said that social media in the workplace represents a serious security risk, yet only 29% report having the necessary security controls in place to mitigate it. More than 50% of respondents report an increase in malware due to social media use.

The survey, "Global Survey on Social Media Risks", is believed to be the first study that determines what IT and security practitioners throughout the world think about the security risks that are associated with employee use of social media.


The dynamic social Web is qualitatively different from the older static Web. It requires an IT security defense that goes beyond signature and fixed-policy Web technologies (like anti-virus and firewalls), because while they are necessary defenses, they are not sufficient. And yet, while 73% of respondents identify secure Web gateways as an important way to reduce social media threats, a full 27%, more than one quarter, still don’t.

For example, imagine a new link is posted to a popular social network and it directs users to a site that downloads or leads to data-stealing code via obfuscated JavaScript. Organizations need security technology that can analyze links as they appear, because the link path is new and doesn’t have a recognizable signature or known payload. New technologies like social media, cloud services, and mobility require real-time content security, which analyzes information on the fly, as it’s created and consumed.

Even with the risks, social media presents a large business opportunity for collaboration, reduced expenses, and more efficient processes. While organizations believe that bandwidth has been diminished due to social media, companies that block social media are in danger of being left behind.

The study surveyed 4,640 IT and IT security practitioners in Australia, Brazil, Canada, France, Germany, Hong Kong, India, Italy, Mexico, Singapore, UK and the U.S. with an average of 10 years’ experience in the field. 54% are supervisors or above and 42% are from organizations with more than 5,000 employees.

Key findings (India):
Most respondents agree that the use of social media in the workplace is important to achieve business objectives. But 64% of respondents believe employees’ use of social media in the workplace represents a serious security threat to the organization. However, only 33% believe they have the necessary controls in place to mitigate or reduce the risk posed by social media.

- 39% do not have a policy that informs employees about the acceptable use of social media in the workplace or are unsure if such a policy exists (24%). Of those organizations that do have a policy, 49% of respondents say the policy is enforced.

- The most acceptable uses of social media in the workplace are networking with friends inside the company (94%) and networking with friends outside the company (73%) followed by use of social network as an email or texting channel (54%). Least acceptable is downloading apps or widgets from social media sites (4%).

- Diminished employee productivity and IT bandwidth are the two most negative consequences due to an increase in the use of social media in the workplace according to 90% and 73% of the respondents, respectively. 60% worry about the loss of confidential information or violation of confidentiality policies and 49% think an increase in virus or malware infections will be a consequence of increased usage.

- According to 48% of respondents, viruses and malware infections are increasing as a result of social media use and 30% are unsure. Technologies considered by respondents to be most important at reducing or mitigating social media threats are identity and access management, endpoint security solutions and secure Web gateway.

- Social media in the workplace is used both for non-business and business purposes. 47% of respondents say that employees spend more than 30 minutes each day on non-business social media activities and 48% estimate that more than 30 minutes is spent on social media for business purposes each day.

Key findings (Global):
- The rapid spread of social media may have caught many organizations off guard. 63% agree that employee use of social media puts their organizations’ security at risk. In contrast, only 29% say that they have the necessary security controls, such as secure Web gateways, in place to mitigate or reduce the risk posed by social media.

- Malware attacks have increased because of social media usage and it’s growing. 52% of organizations experienced an increase in malware attacks as a direct result of employee use of social media, and 27% say that these attacks recently increased more than 51%. The U.S., UK, Brazil, Germany and Singapore reported the highest increase.

- Only one of the three technologies that respondents favor can block advanced malware and data theft attacks. Respondents identified anti-virus/anti-malware (76%), endpoint security (74%) and secure Web gateways (73%) as important protections. But only secure Web gateways with real-time content analysis and data loss prevention can block advanced malware and data theft attacks, many of which seek entry through social media.

- Even if they have a policy that addresses the acceptable use of social media in the workplace, 65% say that their organizations do not enforce it or they are unsure. The top three reasons for not enforcing these policies are: lack of governance and oversight (44%); other security issues are a priority (43%); and insufficient resources to monitor policy compliance (41%).

- Organizations believe that IT bandwidth has been diminished as a result of social media use. The top two negative consequences of an increase in social media use were diminished productivity (89%) and reduced IT bandwidth (77%), which increase costs. Just under half (47%) believe exposure to inappropriate content is a negative consequence.

- 60% of employees use social media for at least 30 minutes per day for personal reasons. The U.S., UK, France, Italy and Mexico have the highest use of social media for non-business reasons. Organizations in Germany have the highest use of social media for business purposes. Regional variations are often compounded by higher local bandwidth costs, which shift the priority of this concern throughout the globe.

- Countries most likely to see social media as important to meeting business objectives are the UK, Germany, Hong Kong, India and Mexico. The countries with organizations that are less likely to see the importance of social media are: Australia, Brazil, and Italy.

- Countries most likely to see social media as a serious threat to their organizations are Canada, Hong Kong and Mexico. Countries least likely to see social media as a threat are France and Italy. Organizations in Germany have the most confidence in their ability to address the social media threats.

"Blocking or ignoring the social media business opportunity just isn’t an option. Social media is the new communication platform being fueled by the cloud and mobile technologies that employees are bringing to the workplace," said Tom Clare, Websense senior director of Product Marketing. "While anti-virus and firewalls are traditional pillars of a security defense, a new security pillar is required for dynamic Web content classification, advanced threat blocking, and data theft protection."

"Organizations need to develop social media acceptable use policies, set appropriate quotas, and most importantly, use security that examines the content and context of social media sites in real time. Sites like Facebook, Twitter, YouTube and LinkedIn change too rapidly to rely on traditional background analysis and security software update cycles. That’s why Websense developed the TRITON real-time content security solution that can analyze individual pieces of content on these social media sites and protect your organization from modern malware and data theft, plus policy controls to preserve bandwidth," added Clare.

"We asked thousands of IT security professionals and most respondents agree that the use of social media in the workplace is important to achieving business objectives," said Dr. Larry Ponemon, chairman and founder of the Ponemon Institute. "However, they believe social media puts their organizations at risk and they do not have the necessary security controls and enforceable policies to address the risk. It’s also clear that malware attacks are increasing as a result of social media use."

A full copy of the Websense "Global Survey on Social Media Risks" can be downloaded at www.websense.com/social-media-risks.
Telephone Systems