One in five of smaller UK companies suffer from employee internet abuse. According to the Department of Trade and Industry's Information Security Breaches Survey, firms that experienced internet abuse had an average of one incident a week.
Chris Potter, the PricewaterhouseCoopers partner leading the survey, said, "As more businesses provide their staff with access to the Internet, the number of incidents of staff abusing that access is rising. It seems unwise to wait until a major breach before putting effective controls and plans in place. Unfortunately, many businesses, particularly SMEs, are doing exactly that."
Whereas two years ago, 57 per cent of companies blocked or quarantined emails, this has fallen to 16 per cent compared to 2002. Nearly a third of companies have no controls over email, compared to 12 per cent two years ago.
The number of companies that restrict access to the web has dropped also to 29 per cent from 45 per cent. Logging and monitoring acceptable sites fell to 20 per cent from 45 per cent, and blocking access to inappropriate sites to 15 per cent from 34 per cent.
Nearly a third of SMEs (although just 4 per cent of large businesses) now have no controls in place at all.
Companies logging and monitoring internet access reported a higher number of incidents of misuse, implying that organisations without such controls are letting incidents go undetected.
One thousand firms were surveyed.