Fear of Data Loss, Social Media Security Risks Rising

A new survey from California-based email security firm Proofpoint finds more organizations are dealing with data loss and security breaches due to employee use of social media sites. Proofpoint polled 261 IT decision makers at organizations with more than 1000 employees. Respondents were asked about the frequency of data loss events in the past 12 months, as well as their concerns, priorities and policies related to email, the Web, social media and other sources of data loss risk.

By Joan Goodchild
Mon, September 20, 2010

CSO — A new survey from California-based email security firm Proofpoint finds more organizations are dealing with data loss and security breaches due to employee use of social media sites. Proofpoint polled 261 IT decision makers at organizations with more than 1000 employees. Respondents were asked about the frequency of data loss events in the past 12 months, as well as their concerns, priorities and policies related to email, the Web, social media and other sources of data loss risk.

Slideshow: Understanding Web 2.0 Security in the Workplace
Enterprise Data Security: Definition and Solutions

The survey found 20 percent of companies polled had investigated the exposure of confidential, sensitive or private information via a post to a social networking site. In many instances, the events have been severe enough to lead to job loss or disciplinary action, with seven percent of companies reporting termination of an employee for social networking policy violations. Another 20 percent disciplined an employee for not following social networking policy.

Does your organization have rules for social media use? See 4 tips for writing a great social media policy

Social networking sites such as Facebook and LinkedIn were cited by 53 percent of respondents as a high concern when it comes to the risk of information leakage. However, not all companies are concerned enough to make the sites off limits. Only 53 percent explicitly prohibit the use of Facebook and 31 percent explicitly prohibit use of LinkedIn (See also: Brand protection: The expanding CSO portfolio and Brand protection and abuse: Keeping your company image safe on social media sites).

Microblogging service Twitter was mentioned by 17 percent of companies as a source of investigation due to the exposure of confidential, sensitive or private information. Additionally, 51 percent said they are highly concerned about the risk of information leakage on Twitter (See 5 Facebook, Twitter scams to avoid and 5 more Facebook, Twitter scams to avoid).

According to Craig Shumard, CSO with Cigna Corp. (CI), the nation's fourth-largest health services provider, social networks are viewed as both a tremendous benefit to employees, as well as a security concern. But the risks they pose are not really new.

"People have had the ability to go out and express opinions on emails and blogs for some time. We spend a lot of time around training and awareness as far as ensuring people know what good behavior is on these kinds of forums," said Shumard. "Folks know they are not supposed to be speaking on behalf of Cigna or Cigna Corporation."

Continue Reading

Originally published on www.csoonline.com. Click here to read the original story.
Our Commenting Policies