LinkedIn & Facebook 'pose growing IT security risk'

New research reports that use of Facebook, LinkedIn, YouTube, peer-to-peer networking and instant messaging in the office continues to surge.


Use of Facebook, LinkedIn, YouTube, peer-to-peer networking and instant messaging in the office continues to surge, according to new research.

But businesses’ security policies are not keeping up with the times, according to security experts.

Market research firm NewDiligence surveyed 527 end users and IT managers and found about 60 percent of respondents use social-networking sites at work, while 85 percent use instant messaging and media, including streaming audio and video.

In addition, more than half of respondents report using file-sharing for business purposes, and one-third acknowledge they use music and video sharing for personal reasons, too. Roughly 40 percent use personal internet-based telephony, and 15 percent make use of online 'anonymiser' systems at work to shield their identity.

In terms of frequency, half of respondents said they access social-networking sites once a day or more for business purposes, with LinkedIn, Facebook, YouTube, Twitter and Digg cited most often. Those same social-networking services are also the sites most visited for personal reasons.

The business reasons users gave for visiting the social-networking sites are 'professional networking with colleagues', 'learning about colleagues', 'research', 'setting up a meeting', and 'sales prospecting'.

Still, social-networking carries security risks. It's being exploited by attackers to spread malware or trick victims into visiting sites loaded with malware, points out Jose Nazario, network security researcher at security firm Arbor Networks.

Micro-blogging site Twitter, for example, has been a vehicle for distributing malware, including a recent bot that merged MSN Messenger link spam with Twitter to get users to download malware, he notes.

"Any social media where you do have a lot of eyeballs is a direct distribution channel for malware," Nazario said.

NewDiligence's research notes that most IT managers' companies have corporate policies for network monitoring. Smaller firms with fewer than 5,000 employees most often (20 percent) lacked such policies, the study said.

The survey also reports that about half of the IT managers have deployed a unified communications suite or plan to do so, with e-mail and IM the most widely adopted applications, and VoIP and file-sharing to follow.

NewDiligence's study, entitled 'The Collaborative Internet: Usage Trends, End User Attitudes and IT Impact', was commissioned by FaceTime Communications, which provides enterprise tools for secure use of instant messaging, Skype, web conferencing and P2P file sharing.

Find your next job with computerworld UK jobs

"Recommended For You"

Make LinkedIn your company's best friend Cross-browser click-fraud worm spreading via Facebook