Businesses Fear Social Networking

By: Absolute Team | 5/6/2009

According to a new report from Sophos, two thirds of businesses fear social networking and its impact on corporate security.

Sophos conducted a poll in February 2009 with 709 respondents. Of those, 63% of system administrators worry that employees share too much information on their social networking profiles. They believe this puts the corporation, and its data, at risk (since cybercriminals have access to more information for identity theft, malware or spam). A quarter of the businesses had been the recipients of spam, phishing or malware attacks via sites like Twitter, Facebook, LinkedIn and MySpace.

Over 40% of companies don't control access to any of these major social networking platforms - for those that do, productivity still represents the largest share of concern, but security concerns are on the rise.

We're seeing more incidents of unwanted adverts and malicious links being spammed out, particularly to Facebook users, from their friends' compromised accounts. Although social networking sites are going some way to mitigate threats to users - activating pop-up windows to confirm if a user really wants to visit that external link for example - unfortunately it's just not enough. Organisations need to incorporate defences into their IT security policy, and a key part of this is to educate individuals to choose strong passwords and to take good care of them to prevent cybercriminals taking over online accounts which could provide an entry point to the IT infrastructure." - Graham Cluley, senior technology consultant at Sophos.

Sophos summarizes their study with the top 5 tips to combat social networking perils in the business environment, which include:

  • Educate your workforce about online risks
  • Consider filtering access to certain social networking sites at specific times
  • Check the information that your organisation and staff share online
  • Review your Web 2.0 security settings regularly
  • Ensure that you have a solution in place that can proactively scan all websites for malware, spam and phishing content

Also, beware of an increase in Swine Flu pill spam!

Financial Services