Staff misuse of the internet is putting companies’ reputations at risk, according to early findings from the government’s latest information breaches survey.
The study, full details of which will be released at the Infosecurity show in
shows that 90% of companies believe protecting their reputation is one of the most important information security drivers.
And while 88% of companies are benefiting from broadband internet connections, those connections are also increasing the risk of damage to reputation through staff misuse of the web or email. To counter that risk, nearly one and a half times as many companies now have an acceptable policy for internet usage compared with two years ago: 63% of all companies and 89% of large ones have an acceptable usage policy.
Although the number of companies affected by misuse has improved, two-thirds of large businesses had at least one misuse incident in the last year, and some small companies reported hundreds of email abuses every day.
Despite the risks, many
PricewaterhouseCoopers, which led the survey with the Department of Trade and Industry, suggested that as companies implement better controls around email and web usage, they are more likely to detect misuse happening. Those that have an acceptable usage policy in place are three times more likely to detect misuse than those that don't.
The irony is that ’always-on’ broadband means ‘always at risk’, which a majority of smaller companies are perhaps failing to realise. Many are also blissfully unaware of the extent of threats to the organisation from inappropriate web usage. ‘Drive-by’ threats, where surreptitious, malicious code is ‘delivered’ from visited websites, are now commonplace, and growing ever more sophisticated.