Sophos's WS1000 appliance defends firms against web threats, and
allows IT departments to block access to unapproved sites.
Research conducted by IT security and control firm Sophos has
revealed that 50 percent of workers are being blocked from
accessing Facebook by their employers who are worried about the
website's impact on productivity and security, and have therefore
put policies or access controls in place to ban its use in the
workplace.
In a Sophos poll of 600 workers, 43 percent revealed that their
company was blocking access to Facebook, while an additional seven
percent reported that usage of the social networking website was
restricted and only those with a specific business requirement were
allowed to access it.
In contrast, 50 percent of respondents said that their company
did not block access to Facebook, with eight percent specifying
that the reason was fear of employee backlash.
A second poll showed that 66 percent of workers were concerned
that their colleagues were sharing too much information on
Facebook, which could lead to identity theft and targeted phishing
attacks against the company.
Survey results
Does your company block access to
Facebook?
|
| Yes |
|
|
| Yes - only those with
a business requirement can access it |
|
|
| No - workers would
complain |
|
|
| No |
|
|
Sophos online survey, 600 respondents, 31 July - 13
August 2007.
Are you worried that work colleagues and
employees are sharing too much information on Facebook?
|
| Yes |
|
|
| No |
|
|
Sophos online survey, 287 respondents, 13 August - 21
August 2007.
According to Sophos, a large number of Facebook profile pages
contain users' current employment details, which could be used
together with other stolen information by cybercriminals bent on
committing corporate fraud, or to infiltrate company networks. Last
week, Sophos published research showing that 41 percent of
Facebook users were prepared to divulge personal information to
a complete stranger (a small plastic frog called Freddi Staur),
highlighting the extent of the problem facing businesses.
"Companies are split on the question of Facebook. Some believe
it to be a procrastinator's paradise which can lead to identity
theft if users are careless. Others either view it as a valuable
networking tool for workers or are too nervous of employees
backlash if the site is suddenly blocked," said Graham Cluley, senior
technology consultant at Sophos. "Companies need to make their own
mind up as to whether they want to allow their users to access
websites like Facebook and MySpace during office hours. If workers
are allowed to be given access to these sites then it's imperative
that they are taught best practices to ensure that they are not
putting their personal and corporate data at risk. Five minutes
spent learning the ins-and-outs of Facebook's
privacy settings, for instance, could save a lot of heartache
later."
Sophos has reported a rise in the number of customers using its
Web Security and Control appliance to block social networking
websites like MySpace, Bebo and Facebook.
LloydsTSB, Credit Suisse, and Goldman Sachs are amongst the
companies
reported to have blocked employees from visiting Facebook.
"More businesses are restricting access to these kinds of sites.
Employees may not like it, but these websites can represent a
security risk if used carelessly. Unless there's a work purpose,
many firms do not see any reason why staff should need to access
them during work time," continued Cluley. "Companies are
increasingly looking to secure and control their workers' web
activity because of the impact it can have on the company in terms
of productivity, bandwidth and security."
Simply click on the arrow above to stream the
podcast through your browser. Alternatively you can download
it to your MP3 player.
Sophos recommends companies protect themselves with a consolidated solution which can control network access and defend
against the threats of spam, hackers, spyware and viruses.
Disclaimer: Please bear in mind that this poll is not
scientific and is provided for information purposes only. Sophos
makes no guarantees about the accuracy of the results other than
that they reflect the choices of the users who participated.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.