U.K. firms are at risk of data leakage through their employees’ increasing use of Web 2.0 technologies and social networking Web sites, security experts have warned.
A survey of more than 1,000 office workers found that 42 per cent of those aged 18 to 29 discussed work-related issues on social networking sites and blogs.
More than a quarter of young workers spent three or more hours a week during office hours surfing blogs and Web sites such as YouTube and MySpace, the research, carried out by polling firm YouGov for content security specialists Clearswift, found. Nearly four in 10 admitted accessing such sites “several times a day”.
Younger employees are more likely to take access to such sites for granted, with 59 per cent of office workers aged 18 to 29 believing that staff should be able to visit these sites for personal reasons, using their work computer, compared with 38 per cent of staff aged over 30.
“It’s clear from the research that organizations need to take a closer look at the social media sites that their employees are using at work to ensure sensitive business issues or information is not being discussed,” Clearswift chief operating officer Ian Bowles said.
“However, finding the balance between harnessing so-called ‘Web 2.0’ technologies for business benefit and maintaining strong security is key.”
Bowles added: “It isn’t difficult to envisage an employee posting unauthorized comments about their organization’s product or service quality issues on a blog — causing major brand damage — but at the same time, banning all blog access is not the answer as it cuts the organization off from conversations with partners and customers.”
Clive Longbottom, service director at analyst Quocirca, said that inadvertent rather than malicious disclosure could prove the greatest threat to an organization’s intellectual property.
Frost & Sullivan analyst Katie Gotzen said, “While organizations have woken up to the security risks with e-mail, this awareness is not always extended to the bidirectional communications in Web 2.0. Yet social networking sites and blogs carry an even greater risk for data leakage and brand damage than e-mail, because anyone can potentially access them.”
The survey found that most office workers were aware of their company’s policy on employee use of the Internet, with just 14 per cent saying they did not know if one existed or not. More than a quarter of those surveyed said their organization did not allow access to social media sites. But 14 per cent said their company had no policy at all.