• Thirty-three percent of US SMBs have been infected by malware propagated via social networks; 23 percent have experienced identity theft on popular social networks
• Facebook takes top spot for social networking-related malware infections, followed by YouTube and Twitter
Panda Security, the Cloud Security Company, announced the results of its first annual for small- and medium-sized businesses (SMBs) in the USA. The study, which surveyed 315 US SMBs with up to 1,000 employees throughout the month of July, revealed that the use of social networking during working hours is common (77% of employees do), and consequently, 33% say they have been infected by malware corporate network that has been distributed by these communities.
Social Media Benefits Outweigh Concerns
According to the survey, SMB’s top concerns with social media include privacy and data loss (74 percent), malware infection (69 percent), employee productivity loss (60 percent), reputation damage (50 percent), and network performance/utilization problems (29 percent).
However, these concerns are not deterring SMBs from reaping the business benefits of social media as 78 percent of respondents reported that they use these tools to support research and competitive intelligence, improve customer service, drive public relations and marketing initiatives and directly generate revenue. Facebook is by far the most popular social media tool among SMBs: Sixty-nine percent of respondents reported that they have active accounts with this site, followed by Twitter (44 percent), YouTube (32 percent) and LinkedIn (23 percent).
Facebook Emerges as Top Source for Malware Infections
Facebook was cited as the top culprit for companies that experienced malware infection (71.6 percent) and privacy violations (73.2 percent). YouTube took the second spot for malware infection (41.2 percent), while Twitter contributed to a significant amount of privacy violations (51 percent). For companies suffering financial losses from employee privacy violations, Facebook was again cited as the most common social media site where these losses occurred (62 percent), followed by Twitter (38 percent), YouTube (24 percent) and LinkedIn (11 percent).
Social Media Governance and Education Are Prevalent Among SMBs
To minimize the risks associated with social media, 57 percent of SMBs currently have a social media governance policy in place, with 81 percent of these companies employing personnel to actively enforce those policies. In addition, 64 percent of companies reported having formal training programs in place to educate employees on the risks and benefits of social media. The majority of respondents (62 percent) do not allow the personal use of social media at work.
The most common disallowed social media activities include: Playing games (32 percent); publishing inappropriate content on social media sites (31 percent); and installing unapproved applications (25 percent). In addition, 25 percent of companies said that they actively block popular social media sites for employees, mainly via a gateway appliance (65 percent) and/or hosted Web security service (45 percent).
“Social media is now ubiquitous among SMBs because of its many obvious benefits, yet these tools don’t come without serious risks,” said Luis Corrons, Technical Director at PandaLabs. “The awareness and education on the proper use of these social networks is essential to take full advantage of the community. Along with the better protection of the corporate network, the use of common sense, often the least common of the senses, is what we have to do to prevent headaches associated with problems of both security and privacy."
Survey respondents included individuals involved in setting and/or enforcing policies related to network activities at 315 SMBs within the United States.
Survey Timeframe: The Social Media Risk Index for SMBs survey was conducted by Panda Security between July and August 2010 among non-users of Panda solutions.
Participants: The survey consisted of companies with between 15 and 1,000 employees.
Methodology: The survey was carried out online through prior invitation via e-mail.
Sample error: Sampling error calculation is +/- 5.7 for a confidence level of 95%.