Research conducted by IT security and control firm Sophos has revealed that 50 percent of workers are being blocked from accessing Facebook by their employers who are worried about the website’s impact on productivity and security, and have therefore put policies or access controls in place to ban its use in the workplace.In a Sophos poll of 600 workers, 43 percent revealed that their company was blocking access to Facebook, while an additional seven percent reported that usage of the social networking website was restricted and only those with a specific business requirement were allowed to access it.
In contrast, 50 percent of respondents said that their company did not block access to Facebook, with eight percent specifying that the reason was fear of employee backlash.
A second poll showed that 66 percent of workers were concerned that their colleagues were sharing too much information on Facebook, which could lead to identity theft and targeted phishing attacks against the company.
|Does your company block access to Facebook?|
|Yes – only those with a business requirement can access it||
|No – workers would complain||
Sophos online survey, 600 respondents, 31 July – 13 August 2007.
|Are you worried that work colleagues and employees are sharing too much information on Facebook?|
Sophos online survey, 287 respondents, 13 August – 21 August 2007.
According to Sophos, a large number of Facebook profile pages contain users’ current employment details, which could be used together with other stolen information by cybercriminals bent on committing corporate fraud, or to infiltrate company networks. Last week, Sophos published research showing that 41 percent of Facebook users were prepared to divulge personal information to a complete stranger (a small plastic frog called Freddi Staur), highlighting the extent of the problem facing businesses.
“Companies are split on the question of Facebook. Some believe it to be a procrastinator’s paradise which can lead to identity theft if users are careless. Others either view it as a valuable networking tool for workers or are too nervous of employees backlash if the site is suddenly blocked,” said Graham Cluley, senior technology consultant at Sophos. “Companies need to make their own mind up as to whether they want to allow their users to access websites like Facebook and MySpace during office hours. If workers are allowed to be given access to these sites then it’s imperative that they are taught best practices to ensure that they are not putting their personal and corporate data at risk. Five minutes spent learning the ins-and-outs of Facebook’s privacy settings, for instance, could save a lot of heartache later.”
Sophos has reported a rise in the number of customers using its Web Security and Control appliance to block social networking websites like MySpace, Bebo and Facebook.
LloydsTSB, Credit Suisse, and Goldman Sachs are amongst the companies reported to have blocked employees from visiting Facebook.
“More businesses are restricting access to these kinds of sites. Employees may not like it, but these websites can represent a security risk if used carelessly. Unless there’s a work purpose, many firms do not see any reason why staff should need to access them during work time,” continued Cluley. “Companies are increasingly looking to secure and control their workers’ web activity because of the impact it can have on the company in terms of productivity, bandwidth and security.”
Extracted from: Sophos e-newsletter 21st August 2007