A new survey from internet security company Clearswift has found that a third of UK businesses are now blocking social networking sites like Facebook and Twitter, compared to just nine per cent a year ago. Security rather than fear of the distraction is driving businesses to block the sites.
The UK average for blocking social networking sites is much higher than the global average of 19 percent of businesses. However, even globally, 68 percent of companies are now monitoring activity on the web, and 56 percent blocking at least some websites.
Security is the biggest concern for 58 percent of managers, 48 percent are worried about losing confidential data, and 43 per cent are concerned about hacking. Incidents like the Sony hacking scandal have scared managers into locking down access to various sites. Sony has been the target of several high profile attacks this year, and the company had to admit that the personal details of 77 million members of the PlayStation Network, including 10 million credit card details, were compromised in one attack alone.
Andrew Wyatt, Clearswift COO, is quoted in the FT as saying:
“It is clear that we have seen some significant changes in attitude towards social media use in the last 12 months. Businesses have reacted to the series of high-profile data leaks and have become increasingly nervous about its usage from the workplace.
“Social networking sites often have little to do with data-loss incidents, but they have become guilty by association, because they are seen as having an impact on a company’s brand.”
Such moves show a lack of understanding of where real threats come from. Companies should take network security very seriously because, as we’ve seen from data losses such as Sony’s, the stakes are high. It is essential that companies have the expertise to protect their networks from all types of attacks, whether automated DDoS (distributed denial of service) attacks, targeted hacking, or social engineering hacks such as spear phishing where attackers try to fool their victims into handing over valuable data such as usernames and passwords.
Serious security threats rarely involve social media, so clamping down on its use will actually achieve very little. Equally, the risk to confidential information is probably greater from email, memory sticks and printers than it is from Facebook or Twitter. If an employee wants to steal secrets, there are easier ways to do it than 140 characters at a time. Indeed, it’s much simpler to accidentally forward confidential data on to the wrong person in your email address book than it is to accidentally post something to Facebook.
This isn’t to say that access to social sites should be allowed without caution. Just as it’s easy to send an email to the wrong person, it’s also easy for people to Tweet the wrong thing. But rather than shutting down access to these sites, it makes more sense to educate all staff on their social media rights and responsibilities. After all, if someone wants to say something stupid online, their own smartphone allows them unfettered access to more social networks than they can shake a stick at. There’s nothing much IT can do about personal devices.
Clearswift said a ‘socianomic paradox’ had emerged, as on one hand 80 percent of managers realise social media tools generate benefits for firms but 48 percent have proactively identified social media use in the workplace as a concern.
Just 48 percent of firms believe the benefits of social media outweigh the drawbacks. However, only one in seven companies are using it as a tool for growth.
This shows that there’s a significant failure to understand where threats actually come from. Much of this is likely down to a lack of understanding of social media and technology in the higher echelons of management. When it comes to social media, there are too many opinionated pundits with little or no real-world understanding talking nonsense about what social media can and can’t do. And network security requires specialist knowledge that managers can struggle to grasp, leaving the door open for lazy practices which put the business at risk.
Social media has its place in every business: for marketing and PR, for collaboration, for communication. Even Facebook and Twitter, seen by many as the ultimate wasters of time, can prove useful when used with intelligence. Putting in place a blanket ban on social media sites is throwing the baby out with the bath water, and companies which do so risk damaging their own competitive advantage. Locking staff away in some imaginary internet safe room isn’t an answer to the risks the web poses.