Social networks are becoming a default way for many employees to stay in touch with friends, colleagues, and business associates, but according to a new poll by the anti-virus firm Sophos, 63% of system administrators worry that employees who share too much personal information on social networking sites will put their company’s IT infrastructure at risk. A quarter of these businesses also report that they have been the victim of spam, phishing, and malware attacks via sites like Twitter, Facebook, LinkedIn, and MySpace.
According to Sophos, many businesses are still worried about lost productivity when it comes to using social networks in the workplace, but a lot of these businesses now also worry about cybercrime in relation to these networks.
Of course, it is important to remember that Sophos is a security firm and has an interest in stressing these security risks.Though, the sentiment among system administrators is that this somewhat unscientific poll seems to be on par with what we have seen from similar reports.
Malware, Data Leakage, Lost Productivity
According to Sophos, around 40% to 50% of all businesses don’t control access to Facebook, Twitter, and MySpace, while a slightly larger group of enterprises allow their users to use the more business-oriented LinkedIn. Those who control access cite lost productivity as the main reason more clamping down on social network usage at work, while about 12% to 17% cite a fear of malware and data leakage.
Interestingly, about 7% of respondents had no idea why they were controlling access to these sites. Similarly, around a quarter of all respondents couldn’t say if they or their colleagues had ever been spammed on a social networking site, or if they had been the victim of a malware or phishing attack.
Even though businesses are afraid of social networks, Sophos advises against totally blocking off access as users will inevitably find ways around these blocks which will just create new security issues.
We would agree with this, but we would also point out that a lot of these scams and malware attacks still arrive by email. There are a number of legitimate business uses for social networks, as long as they don’t include wiring large amounts of your company’s money to a poor widow in Nigeria who needs help with a large wire transfer.