Clearswift Survey Finds Web 2.0 Still Not Understood by Most U.S. Companies

May 9, 2007; 09:23 AM

Survey results highlights:

• More than one third (34 percent) of organizations don’t monitor employees’ use of the Internet
• More than half (51 percent) of businesses don’t know whether they’ve lost confidential information via social media outlets
• 20 percent of IT and business decision-makers don’t have a policy governing appropriate use of the Internet, including social media sites
• 20 percent of organizations do not allow blogging at work while 45 percent don’t have a policy on it
• 39 percent of IT and business decision makers consider social media to be relevant to today’s corporate environment, while 36 percent do not see social media as relevant to their businesses
• 13 percent of organizations are not aware of social media and have no policy on it

For many organizations, the impact and benefits of Web 2.0 or social media sites on their businesses are still unknown; this according to a recent survey of U.S. IT and business decision makers conducted by Clearswift. While the majority of organizations understand the growing popularity of social media sites, and recognize that 71 percent of their staff use Web mail, 62 percent use forums, 56 percent use blogs, 36 percent of those surveyed do not see them as relevant to their business and have no plans on using them in the future. For the purpose of this survey, Clearswift defined social media sites as blogs, forums, Web mail, instant messaging, social networking sites, podcasts, online video sites, wikis, photo sharing sites and Second Life.

The survey also found that 34 percent of businesses still do not monitor employee access to the Internet, suggesting that many organizations do not understand the potential security threats of using sites and services such as MySpace, YouTube, blogs, Web-based email and online forums. While more than 73 percent of those surveyed felt that loss of confidential data was the number one security issue in terms of priority to the security of their organization, 51 percent are not aware if their company has ever lost confidential information through social media sites. The only security issue to rank higher than loss of confidential data was viruses/worms (77 percent), yet 96 percent of companies are already using anti-virus tools.

“Security is still misunderstood when it comes to the use of the Internet, particularly the impact that social media sites might have on security,” said Jon Lee, CEO, Clearswift. “As important as protecting confidential information is to an organization, the majority don’t know if their employees are using blogs, forums, Web-based email or other social media sites to accidentally or knowingly share important information. Forty-one percent and 54 percent of companies allow their employees to use blogs and forums, respectively, at work, while another 45 percent and 36 percent, respectively, don’t have a policy on the use of such sites. The lack of policy definitely concerns us, and demonstrates that there is still a long way to go in educating organizations of the potential security risks of Web 2.0.”

In addition to virus, worms and losing confidential data, other security issues that U.S. IT and business decision makers consider “high importance” are:

• Harassment in the workplace (58 percent)
• Damage to company reputation (57 percent)
• Spyware (54 percent)
• Pornography in the workplace (54 percent)
• Denial of service attacks (52 percent)

At the bottom of the list of security issues in terms of priority were those related to social media, including security breaches via blogs and security breaches via forums, which were tied for last, edging out “employee time wasting” and security breaches via instant messaging, and security breaches via Web mail.

“The results of the survey demonstrate that education is going to be very important to help IT groups and business decision makers to understand the security issues that arise as employees are allowed to use social media sites without policies or policy enforcement,” added Jon Lee. “Many companies think that there is nothing they can do to prevent their employees from using social media sites. The truth is, much can be done in terms of monitoring Internet usage, enforcing policies, filtering both inbound and outbound email, and preventing unfettered access to sites where company information and security can be compromised. Clearswift recognizes social media as a major security issue that should take priority among today’s businesses.”

This is the second of two surveys relating to better understanding users attitudes and corporate policies related to social media. The first survey found that organizations are susceptible to data leaks through social media sites, and these Web 2.0 sites put corporate information at risk and drain productivity. It also found that nearly 43 percent of office workers in the United States access social media sites and services for personal reasons from their work computer several times each day, with 51 percent spending one or more hours a week on the sites.

About the research

IT and business decision makers research was commissioned and conducted by Clearswift. Total sample size was 939 adults. Fieldwork was undertaken between February 13, 2007 and March 1, 2007. The survey was conducted online.

About Clearswift

Clearswift simplifies content security.

Our products help organizations enforce best-practice email and web use, ensuring all traffic complies with internal policy and external regulations.

Our range of content filtering solutions makes it easy to deploy, manage and maintain no-compromise email and web security for both inbound and outbound traffic.

Clearswift is the only vendor to offer comprehensive, policy-based content security in all three deployment methods: as software, as an appliance and as a managed service.

All three platforms are designed to take the hassle out of securing Internet traffic, with a clear, intuitive management interface; automatic, 'zero-touch' updates; powerful reporting and common-sense policy management.

Twenty years of experience across 17,000 organizations has helped us raise security standards while simplifying security management at the same time.

We've helped many of the world's most successful organizations use the Internet with confidence and are committed to staying ahead of the market and helping our customers defend against all emerging threats.