In this section

• Home
• Press office
• News archive
• Articles
• 2007
• 08

• Journalists' guide
• News archive

Talk to our experts

• Press contacts

Resources

• Sophos Podcasts
• SophosLabs blog
• Graham Cluley's blog
• Image gallery
• Customer case studies
• Free anti-virus
• White papers
• Awards and reviews
• Industry affiliations

Info feeds

• Security news
• Company news

• Security news
• Company news

What are info feeds?

21 August 2007

50% of employees blocked from accessing Facebook at work, Sophos survey reveals Two in three people worried about information co-workers are sharing on social networking website

Sophos's WS1000 appliance defends firms against web threats, and allows IT departments to block access to unapproved sites.

Research conducted by IT security and control firm Sophos has revealed that 50 percent of workers are being blocked from accessing Facebook by their employers who are worried about the website's impact on productivity and security, and have therefore put policies or access controls in place to ban its use in the workplace.

In a Sophos poll of 600 workers, 43 percent revealed that their company was blocking access to Facebook, while an additional seven percent reported that usage of the social networking website was restricted and only those with a specific business requirement were allowed to access it.

In contrast, 50 percent of respondents said that their company did not block access to Facebook, with eight percent specifying that the reason was fear of employee backlash.

A second poll showed that 66 percent of workers were concerned that their colleagues were sharing too much information on Facebook, which could lead to identity theft and targeted phishing attacks against the company.

Survey results

Sophos online survey, 600 respondents, 31 July - 13 August 2007.

Sophos online survey, 287 respondents, 13 August - 21 August 2007.

According to Sophos, a large number of Facebook profile pages contain users' current employment details, which could be used together with other stolen information by cybercriminals bent on committing corporate fraud, or to infiltrate company networks. Last week, Sophos published research showing that 41 percent of Facebook users were prepared to divulge personal information to a complete stranger (a small plastic frog called Freddi Staur), highlighting the extent of the problem facing businesses.

"Companies are split on the question of Facebook. Some believe it to be a procrastinator's paradise which can lead to identity theft if users are careless. Others either view it as a valuable networking tool for workers or are too nervous of employees backlash if the site is suddenly blocked," said Graham Cluley, senior technology consultant at Sophos. "Companies need to make their own mind up as to whether they want to allow their users to access websites like Facebook and MySpace during office hours. If workers are allowed to be given access to these sites then it's imperative that they are taught best practices to ensure that they are not putting their personal and corporate data at risk. Five minutes spent learning the ins-and-outs of Facebook's privacy settings, for instance, could save a lot of heartache later."

Sophos has reported a rise in the number of customers using its Web Security and Control appliance to block social networking websites like MySpace, Bebo and Facebook.

LloydsTSB, Credit Suisse, and Goldman Sachs are amongst the companies reported to have blocked employees from visiting Facebook.

"More businesses are restricting access to these kinds of sites. Employees may not like it, but these websites can represent a security risk if used carelessly. Unless there's a work purpose, many firms do not see any reason why staff should need to access them during work time," continued Cluley. "Companies are increasingly looking to secure and control their workers' web activity because of the impact it can have on the company in terms of productivity, bandwidth and security."

• Hot topic: Facebook - The privacy and productivity challenge
• Read Sophos's best practice tips for how to secure your online identity on Facebook
• Learn how to block websites with Sophos Web Security and Control
• Download a Sophos podcast about Facebook and online privacy

Simply click on the arrow above to stream the podcast through your browser. Alternatively you can download it to your MP3 player.

Sophos recommends companies protect themselves with a consolidated solution which can control network access and defend against the threats of spam, hackers, spyware and viruses.

Disclaimer: Please bear in mind that this poll is not scientific and is provided for information purposes only. Sophos makes no guarantees about the accuracy of the results other than that they reflect the choices of the users who participated.

• Bookmark with del.icio.us
• Submit this story to digg
• Submit this story to slashdot

About Sophos

Sophos enables enterprises all over the world to secure and control their IT infrastructure. Sophos's network access control, endpoint, web and email solutions simplify security to provide integrated defenses against malware, spyware, intrusions, unwanted applications, spam, policy abuse, data leakage and compliance drift. With over 20 years of experience, Sophos protects over 100 million users in nearly 150 countries with its reliably engineered security solutions and services. Recognized for its high level of customer satisfaction and powerful yet easy-to-use solutions, Sophos has received many industry awards, as well as positive reviews and certifications.

Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com

See also:

• Listen to Sophos podcasts
• Sophos Web Security and Control
• Sophos Facebook ID probe shows 41% of users happy to reveal all to potential identity thieves
• Facebook members bare all on networks, Sophos warns of new privacy concerns