Friday, 09 September 2011

UK workers view social networking as a security risk

One in six UK employees finds sites such as Facebook and LinkedIn a risk to corporate security, according to new research.

One in six UK employees consider social networking such as Facebook and LinkedIn a major risk to corporate security, according to new research from Protiviti. The research also found that three in ten believe that social networks pose a real risk to their own personal security.
The use of social networking within UK businesses has soared in recent times, with employees using Facebook, LinkedIn and Twitter for marketing and other processes, including recruitment. However, according to the research, privacy and security are major concerns for users, with employees calling for clearer guidelines on social media usage in the workplace.

When asked whether employers should do more or less to explain to staff the principles of using social media in the workplace, 27% of workers said that more should be done, with a mere 3% saying less. Those aged 55 and over would like to see clearer guidelines on the use of social media, with one in three expressing a need for this, more than any other age group.

Jonathan Wyatt, Managing Director, Protiviti UK said: “On one hand, employees are using social networking tools for managing activities in their private life – but accessing these tools from corporate systems. On the other hand, employees are being asked to carry out specific tasks relating to work via the same social networks.

Opening up access in the workplace to social networks can create long-term benefits, however, there are many risks involved, including information security breaches.”
Key security risks

– Potential leakage of sensitive information
– Unintentional upload of Trojans or viruses to employees’ computers
– Increased targeting of individuals who are associated with the company for social engineering attacks
– Individuals falling prey to fraudulent scams

“Social media has provided a new environment for criminals seeking an alternative way to commit fraud and other crimes. Employers must set out clear guidelines to help control information supplied, and which, when shared via social networks, will benefit a company’s internal and external image. Having social media guidelines in place allows management to regulate the control of internal and external information by employees. This not only mitigates the risk of reputational loss through error or fraud, but also reduces the likelihood of information being leaked externally,” Wyatt concludes