2/3 of people worried about information shared on Facebook

Research conducted by IT security and control firm Sophos has revealed that fifty percent of workers are being blocked from accessing Facebook by their employers who are worried about the website’s impact on productivity and security, and have therefore put policies or access controls in place to ban its use in the workplace.

In a Sophos poll of 600 workers*, 43 percent revealed that their company was blocking access to Facebook, while an additional seven percent reported that usage of the social networking website was restricted and only those with a specific business requirement were allowed to access it.

In contrast, 50 percent of respondents said that their company did not block access to Facebook, with eight percent specifying that the reason was fear of employee backlash.

A second poll** showed that 66% of workers were concerned that their colleagues were sharing too much information on Facebook, which could lead to identity theft and targeted phishing attacks against the company.

According to Sophos, a large number of Facebook profile pages contain users’ current employment details, which could be used together with other stolen information by cybercriminals bent on committing corporate fraud, or to infiltrate company networks. Last week, Sophos published research showing that 41 percent of Facebook users were prepared to divulge personal information to a complete stranger (a small plastic frog called Freddi Staur), highlighting the extent of the problem facing businesses.

“Companies are split on the question of Facebook. Some believe it to be a procrastinator’s paradise which can lead to identity theft if users are careless. Others either view it as a valuable networking tool for workers or are too nervous of employees backlash if the site is suddenly blocked,” said Graham Cluley, senior technology consultant at Sophos. “Companies need to make their own mind up as to whether they want to allow their users to access websites like Facebook and MySpace during office hours. If workers are allowed to be given access to these sites then it’s imperative that they are taught best practices to ensure that they are not putting their personal and corporate data at risk. Five minutes spent learning the ins-and-outs of Facebook’s privacy settings, for instance, could save a lot of heartache later.”

Sophos has reported a rise in the number of customers using its Web Security and Control appliance to block social networking websites like MySpace, Bebo and Facebook.

LloydsTSB, Credit Suisse, and Goldman Sachs are amongst the companies reported to have blocked employees from visiting Facebook.

* Sophos online survey, 600 respondents, 31 July – 13 August 2007
** Sophos online survey, 287 respondents, 13 August – 20 August 2007