Half of employees ignore social media policy

Half of employees reportedly ignore company policies prohibiting the use of social media tools at least once a week.

The 2010 mid-year security report from Cisco revealed that while 50 per cent of end-users ignore company policy, 27 per cent said they change the settings on corporate devices to access prohibited applications.

Spencer Parker, product manager at Cisco, said: “This is an interesting piece of research as people really want to get their job done and it is to the point of policies being ignored. Employees may not necessarily be trying to bypass policy; it is about getting the job done. But security policy has prohibited certain things, many may say that there are no cloud services allowed, but it may help them.

“If you consider the use of Google Docs or Salesforce.com, these are exemplary services, but can policy be moved to allow use of this.”

The report further claimed that businesses must change their mindset on security to help ensure that their networks and vital corporate information are protected from evolving security threats. As increased use of social networking, network-connected mobile devices and virtualisation continue to alter the security landscape, the report claimed that enterprise professionals must act immediately to put effective security practices into place in order to protect their companies' reputation and maintain a competitive edge.

John Stewart, vice president and chief security officer at Cisco, said: “You work, and it is not about where you are. We are trying to hold the future back and don't believe in attempts to stop it, we accept it and walk through and learn from it.”

Research by Cisco Security Intelligence Operations found that seven per cent of users accessing Facebook spend an average of 68 minutes per day playing the interactive game ‘Farmville'. ‘Mafia Wars' was the second most popular game, with five per cent of users each racking up 52 minutes of play daily, while ‘Café World', played by four per cent of users, accounted for 36 minutes a day.

Parker claimed that although loss of productivity is not a security threat, cyber criminals are believed to be developing ways to deliver malware via these games. “Businesses need to know how to control these applications, if you block them are you stopping people from getting online from a smartphone? You have got to provide controls and use it in a manner that remains secure to the business,” said Parker.

“In terms of security risk, social networking sites do a good job, but social networking sites are prevalent to social engineering techniques including spam. Any popular thing will get manipulated and have to be looked at.”

See original article on scmagazineus.com