Employees bypass security roadblocks to engage in social networking
Even though more workplaces are regulating social networking sites, employees are finding ways around security roadblocks, making social networking a way of office-life around the world.
Trend Micro’s 2010 corporate end user survey, which included 1600 end users in the U.S., U.K., Germany and Japan, found that globally, social networking at the workplace steadily rose from 19 percent in 2008 to 24 percent in 2010. The highest surge of social networking on the corporate network during the last two years was found among end-users within the U.K., who tallied a 6 percent increase, and Germany, with a more than 10 percent leap.
With the exception of Japan, there were no significant differences between end users from small businesses and those from large corporations, but the survey found that laptop users are much more likely than desktop users to visit social networking sites.
Globally, social networking usage via laptops went up by 8 percent from 2008 to 2010. In the U.S., it increased by 10 percent and in Germany, up by 14 percent.
In 2010, 29 percent of laptop users versus 18 percent of desktop users surveyed said they frequented these sites at work. In Japan for 2010, small-company employees were much more likely than those from large companies to visit social networking sites – 21 percent from small companies compared to 7 percent from large companies.
For all countries surveyed in 2010, laptop users who can connect to the Internet outside of company network are more likely to share confidential information via instant messenger, Web mail and social media applications than those who are always connected to a company’s network. This is significantly so in Germany and Japan.
As more and more people communicate through social networks, the more viable social networks become malware distribution platforms. KOOBFACE alone, the “largest Web 2.0 botnet,” controls and commands around 51,000 compromised machines globally. This demonstrates the scale of the threat, and emphasizes the need to educate users and implement strong policies.
Trying to just prevent users accessing social networks from work could potentially increase the risk to an organization as users look for ways around computer security possibly increasing the chance of exposure to security threats.