Sophos：逾半職員上班時被制止進入Facebook網站

50 Per Cent of Employees Blocked from Accessing Facebook at Work, Sophos Survey Reveals

August 21, 2007 – Research conducted by IT security and control firm Sophos has revealed that 50 per cent of workers are being blocked from accessing Facebook by their employers who are worried about the website's impact on productivity and security, and have therefore put policies or access controls in place to ban its use in the workplace.

In a Sophos poll of 600 workers*, 43 per cent revealed that their company was blocking access to Facebook, while an additional 7 per cent reported that usage of the social networking website was restricted and only those with a specific business requirement were allowed to access it.

In contrast, 50 per cent of respondents said that their company did not block access to Facebook, with 8 per cent specifying that the reason was fear of employee backlash.

A second poll** showed that 66 per cent of workers were concerned that their colleagues were sharing too much information on Facebook, which could lead to identity theft and targeted phishing attacks against the company.

According to Sophos, a large number of Facebook profile pages contain users' current employment details, which could be used together with other stolen information by cybercriminals bent on committing corporate fraud, or to infiltrate company networks. Last week, Sophos published research showing that 41 per cent of Facebook users were prepared to divulge personal information to a complete stranger (a small plastic frog called Freddi Staur), highlighting the extent of the problem facing businesses.
“Companies are split on the question of Facebook. Some believe it to be a procrastinator's paradise which can lead to identity theft if users are careless. Others either view it as a valuable networking tool for workers or are too nervous of employees backlash if the site is suddenly blocked,” said Graham Cluley, senior technology consultant at Sophos. “Companies need to make their own mind up as to whether they want to allow their users to access websites like Facebook and MySpace during office hours. If workers are allowed to be given access to these sites then it's imperative that they are taught best practices to ensure that they are not putting their personal and corporate data at risk. Five minutes spent learning the ins-and-outs of Facebook's privacy settings, for instance, could save a lot of heartache later.”

Sophos has reported a rise in the number of customers using its Web Security and Control appliance to block social networking websites like MySpace, Bebo and Facebook.

LloydsTSB, Credit Suisse, and Goldman Sachs are amongst the companies reported to have blocked employees from visiting Facebook.

“More businesses are restricting access to these kinds of sites. Employees may not like it, but these websites can represent a security risk if used carelessly. Unless there's a work purpose, many firms do not see any reason why staff should need to access them during work time,” continued Cluley. “Companies are increasingly looking to secure and control their workers' web activity because of the impact it can have on the company in terms of productivity, bandwidth and security.”

Sophos's user guide for behaving securely on Facebook is available at: www.sophos.com/facebook.

To listen to the latest Sophos podcast, which discusses the potential risks posed by social networking websites, please visit: www.sophos.com/podcasts.

Sophos recommends companies protect themselves with a consolidated solution which can control network access and defend against the threats of spam, hackers, spyware and viruses.

* Sophos online survey, 600 respondents, 31 July - 13 August 2007** Sophos online survey, 287 respondents, 13 August - 21 August 2007