How safe is your surfing? Few SMBs have social networking security policy

Approximately 40 percent of small and midsize businesses have suffered a breach because of malware picked up by employees while visiting the Web, social networking sites.
Written by Heather Clancy, Contributor

Earlier this week, I wrote about technology that could be instrumental in protecting your company's Web site. But are the employees at your small or midsize business likewise protected from content they might pick up from Web sites they visit on the job?

That is the subject of a newly released survey by security technology developer GFI Software. Its study, conducted among about 200 IT decision makers at organizations with between 5 and 249 employees, found that 40 percent of the respondents had suffered a breach related to malware that workers picked up while surfing the Web.

Perhaps even more concerning, given the amount of time that people are now spending on Facebook and other sites: the GFI Software study found that only 16 percent of SMBs actually have a full-fledged social networking use policy.

Those two findings are not mutually exclusive: they underscore the dangers of not having some sort of social networking policy or, in the absence of a policy, having some sort of Web content filtering mechanism in place.

Approximately 11.5 percent of the respondents indicated that they didn't use Web monitoring or filtering software at all. Actually, that's not a bad number, but the survey's results show a disconnect between security realities -- especially in this year's hacker-prone environment -- and the amount of thinking that small and midsize businesses have done about security policy.

You won't be surprised to hear that the study's release coincides with an update of the company's WebMonitor offering.

Said Phil Bousfield, general manager of the GFI Software Infrastructure Unit:

"SMBs walk a fine line when it comes to balancing employee Internet access with the security risks it creates. The Internet is one of the most valuable tools SMBs have at their disposal, but without a strong security strategy and a thorough understand of how and where threats originate, it can pose significant risks to their networks."The software includes a new Website Reputation Index and a GFI ThreatTrack URL blocking feature that will keep employees from getting to sites that could be risky. The company touts the fact that this new feature will enable companies to protect against malicious sites without blocking entire categories of Web sites. It gives SMBs some flexibility, because the realities of social media and social networking are that they make it easier for people to get their jobs done so you don't want to block them outright. There is also a featuring for managing (and blocking) messaging clients during work hours.

The survey results and the features included in the new GFI Software service should help SMBs get a better picture of their own security posture. The fact remains: social marketing activities are going to be one of the most cost-effective ways for SMBs to get noticed, but they also introduced some vulnerabilities that cannot be ignored.

Editorial standards