UK firms are at risk of data leakage through their employees’ increasing use of Web 2.0 technologies and social networking websites, security experts have warned.
A survey of more than 1,000 office workers found that 42% of those aged between 18 and 29 discussed work-related issues on social networking sites and blogs.
More than a quarter of young workers spent three or more hours a week – during their office hours – surfing blogs and websites such as YouTube and MySpace, the research, carried out by polling firm YouGov for content security specialists Clearswift found. Nearly four in 10 admitted accessing such sites “several times a day”.
Younger employees are more likely to take access to such sites for granted, with 59% of office workers aged 18 to 29 believing that staff should be able to visit these sites for personal reasons, using their work computer, compared with 38% of staff aged over 30.
Clearswift chief operating officer Ian Bowles said: “It’s clear from the research that organisations need to take a closer look at the social media sites that their employees are using at work to ensure sensitive business issues or information is not being discussed.
“However, finding the balance between harnessing so-called ‘Web 2.0’ technologies for business benefit and maintaining strong security is key.”
Bowles added: “It isn’t difficult to envisage an employee posting unauthorised comments about their organisation’s product or service quality issues on a blog - causing major brand damage – but at the same time, banning all blog access is not the answer as it cuts the organisation off from conversations with partners and customers.”
Commenting on the findings, Clive Longbottom, service director at analyst Quocirca, said that inadvertent rather than malicious disclosure could prove the greatest threat to an organisation's intellectual property.
Frost & Sullivan analyst Katie Gotzen said: “Whilst organisations have woken up to the security risks with email traffic, this awareness is not always extended to the bi-directional communications which are common in Web 2.0. Yet social networking sites and blogs carry an even greater risk for data leakage and brand damage than email, because anyone can potentially access them.”
The survey found that most office workers were aware of their company’s policy on employee use of the internet, with just 14% saying they did not know if one existed or not. More than a quarter of those surveyed said their organisation did not allow access to social media sites. But 14% said their company had no policy at all.
For more information, our sister site Techworld has a comprehensive network security resource page.
Find your next job with computerworld UK jobs