How safe is your surfing? Few SMBs have social networking security policy

How safe is your surfing? Few SMBs have social networking security policy

Summary: Approximately 40 percent of small and midsize businesses have suffered a breach because of malware picked up by employees while visiting the Web, social networking sites.


Earlier this week, I wrote about technology that could be instrumental in protecting your company's Web site. But are the employees at your small or midsize business likewise protected from content they might pick up from Web sites they visit on the job?

That is the subject of a newly released survey by security technology developer GFI Software. Its study, conducted among about 200 IT decision makers at organizations with between 5 and 249 employees, found that 40 percent of the respondents had suffered a breach related to malware that workers picked up while surfing the Web.

Perhaps even more concerning, given the amount of time that people are now spending on Facebook and other sites: the GFI Software study found that only 16 percent of SMBs actually have a full-fledged social networking use policy.

Those two findings are not mutually exclusive: they underscore the dangers of not having some sort of social networking policy or, in the absence of a policy, having some sort of Web content filtering mechanism in place.

Approximately 11.5 percent of the respondents indicated that they didn't use Web monitoring or filtering software at all. Actually, that's not a bad number, but the survey's results show a disconnect between security realities -- especially in this year's hacker-prone environment -- and the amount of thinking that small and midsize businesses have done about security policy.

You won't be surprised to hear that the study's release coincides with an update of the company's WebMonitor offering.

Said Phil Bousfield, general manager of the GFI Software Infrastructure Unit:

"SMBs walk a fine line when it comes to balancing employee Internet access with the security risks it creates. The Internet is one of the most valuable tools SMBs have at their disposal, but without a strong security strategy and a thorough understand of how and where threats originate, it can pose significant risks to their networks."The software includes a new Website Reputation Index and a GFI ThreatTrack URL blocking feature that will keep employees from getting to sites that could be risky. The company touts the fact that this new feature will enable companies to protect against malicious sites without blocking entire categories of Web sites. It gives SMBs some flexibility, because the realities of social media and social networking are that they make it easier for people to get their jobs done so you don't want to block them outright. There is also a featuring for managing (and blocking) messaging clients during work hours.

The survey results and the features included in the new GFI Software service should help SMBs get a better picture of their own security posture. The fact remains: social marketing activities are going to be one of the most cost-effective ways for SMBs to get noticed, but they also introduced some vulnerabilities that cannot be ignored.

Topics: Software Development, Browser, Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • RE: How safe is your surfing? Few SMBs have social networking security policy

    This is silly why don't you specify that it is Windows Malware you are talking about, it is not an internet problem or a Mac or Unix problem it is a windows problem and the number of Mac users that got mail ware at work and home surfer with out any protection is virtually zero. So rather than limit their employees from expanding their business using the internet freely they should limit them and slow them down decrease productivity so that IT can have a castle to support and "protect" their users using fear tactics!
    But that is just my opinion. . .
  • RE: How safe is your surfing? Few SMBs have social networking security policy

    Thanks Heather for a thoughtful post. It???s an interesting challenge. Doc fears that employers will be forced to monitor employee Internet use much more closely (bad thing) in order to assure a little better security (good thing). As a fierce privacy advocate, Doc is sad to think employers will have to track employees' behavior ??? within reason, Doc believes employees should be allowed to use the Net for personal uses, same as they might occasionally use the phone or take a personal call at work on their cell phones. But there are bad guys out there, and no employer should have to subject themselves to malware. Can???t we all just learn to get along?
    DocuMentor (Doc)
  • RE: How safe is your surfing? Few SMBs have social networking security policy

    Thanks for providing the warning Heather, as this is a very important topic for organizations of any size today. Social media allows hackers to take advantage of the trust between friends to spread malware attacks through seemingly safe content. With social media being used on company computers, corporate networks are at an increased risk for a breach. Having a social networking use policy is quite important, as is having the security infrastructure to prevent an attack. Our company, Wedge Networks continues to lead the efforts on ensuring network layer Data Leakage Prevention (DLP) to prevent the outflow of user data. This is accomplished through a Deep Content Inspection approach that prevents the good things from flowing out and the bad things from flowing in.