Be wary of Web 2.0 at work

Be wary of Web 2.0 at work

March 5, 2009: The increasing number of employees accessing personal emails and social networking sites at work is exposing businesses to security risks, according to Marshal8e6, the global provider of email and Web security.

This week marks National Consumer Fraud Week and as the focus for the week falls on protecting consumers, it is critical that businesses understand the consequences and mitigate the impact that fraudulent emails and websites can have on their operations.

Last year, global spam emails exceeded 150 billion messages per day and as much as 33 percent of these emails included links to sites hosting malicious code, according to Marshal8e6’s TRACE team.

Jeremy Hulse, Marshal8e6’s Vice President Sales for Asia Pacific, said “This represents a very serious threat to confidential information, compliance and network availability; three components that are essential to corporate reputation and effective business operation”.

“Consumers are increasingly bringing their personal methods of communicating – such as Facebook, Instant Messenger or Hotmail – into the workplace with or without permission,” said Hulse.

“As the line continues to blur between personal and professional networking, it’s important for organisations to consider social networking and personal email sites in their broader security strategy. There are some simple steps that organisations can follow to ensure employees can continue to build their professional relationships without increasing security risks to the organisation,” he continued.

According to Mr Hulse, organisations can protect themselves from the risks of fraudulent email or web-based threats by following these steps:1. Adopt a policy-driven approach to security: Ensure Internet and email acceptable use policies (AUPs) are up to date and that employees understand the policies and adhere to them.2. Match security requirements with policy: Once an AUP is in place, organisations need to ensure they have the technology to support it. If your day to day business relies on constant Web access, having an effective content security solution in place will protect the organisation from threats that may compromise the security of confidential information.3. Stay on top of employee operating environments: It is relatively easy for employees to download the latest browsers and web-based applications, however it is important that these downloads are not old versions or containun-patched components as these can be exploited by malicious websites.4. Be wary of free Web services: Criminals are increasingly abusing free Web services to host malicious code. This can infect computers, limiting corporate network availability and potentially causing data leakage. There is therefore and increased need to manage access to these free sites.5. Update content filtering solutions to keep spam out: Last year saw an increase in email phishing attacks with phishing accounting for 4% of all spam. With employees accessing personal emails from work, the likelihood of phishers stealing information increases dramatically.

Comment on this story.

Business Solution: