Few companies enforce social networking security policies, says survey

For more Infosecurity Europe 2009 news Get the latest news and interviews from the conference floor. Check out our live coverage of Infosecurity Europe 2009.

The results showed that 63% of respondents were concerned about information being too freely shared on social networking sites, and that a quarter of the businesses represented had been the victim of spam, phishing or malware attacks via sites like Twitter, Facebook, LinkedIn and MySpace.

Download this free guide

The importance of web security

Join us as we take a look at the different approaches you can take in order to bolster your web security. We find out how to identify and address overlooked web security vulnerabilities, how security controls affect web security assessment results and why web opportunities must be met with appropriate security controls.

Start Download

• Corporate E-mail Address:

  You forgot to provide an Email Address.

  This email address doesn’t appear to be valid.

  This email address is already registered. Please login.

  You have exceeded the maximum character limit.

  Please provide a Corporate E-mail Address.

By submitting my Email address I confirm that I have read and accepted the Terms of Use and Declaration of Consent.

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

Yet, according to the survey, nearly half of the companies made no attempt to control usage of those sites, and where social networking policies and controls were in place, the prime motivation was to avoid wasting time. Only 8% blocked social networking for fear of malware, and another 8% said they blocked usage because of data leakage concerns.

Graham Cluley, senior technology consultant at Sophos, noted that LinkedIn, a business-centric social network, was the least of the sites likely to be blocked. "For some reason, it is perceived differently and is most likely to be allowed, even though much of the information in it – such as people joining a new company -- could be used for spear phishing attacks."

Don't miss need-to-know info! Security pros can't afford to be the last to know. Sign up for email updates from SearchSecurity.co.uk and you'll never be behind the curve!

Proper Web filtering should also be in place to prevent users from downloading malware and falling prey to other scams such as phishing, he said.