The results showed that 63% of respondents were concerned about information being too freely shared on social networking sites, and that a quarter of the businesses represented had been the victim of spam, phishing or malware attacks via sites like Twitter, Facebook, LinkedIn and MySpace.
Yet, according to the survey, nearly half of the companies made no attempt to control usage of those sites, and where social networking policies and controls were in place, the prime motivation was to avoid wasting time. Only 8% blocked social networking for fear of malware, and another 8% said they blocked usage because of data leakage concerns.
Graham Cluley, senior technology consultant at Sophos, noted that LinkedIn, a business-centric social network, was the least of the sites likely to be blocked. "For some reason, it is perceived differently and is most likely to be allowed, even though much of the information in it – such as people joining a new company -- could be used for spear phishing attacks."
Proper Web filtering should also be in place to prevent users from downloading malware and falling prey to other scams such as phishing, he said.