Employees open up security risks as they chat online up to 23 times per day
Employees going online to chat are opening up potential security risks for their companies, according to web security firm, ScanSafe. The companys latest Web Security Report for the second half of 2005, highlights the growing trend of computer users turning to the Web to use Instant Messaging, Web messengers and chat rooms to communicate with friends, family and colleagues.
Figures from ScanSafe customers using its Web filtering technology, show that blocks per user in the chat category have increased dramatically in recent months, from an average of 100 blocks per user in June to over 700 per user in November an average of 23 times per day. This means that not only are greater and greater numbers of people choosing to go online to visit chat rooms, but that companies are starting to recognise the potential risks and are making the decision to ban its use in the workplace.
ScanSafe CEO, Eldar Tuvey, explains: Not only are employees increasingly using the Internet for both business and personal reasons around 40 per cent of users spend around an hour each day on recreational surfing alone! A growing percentage are going onto chat rooms and using instant messaging to communicate with friends.
We can see that users are starting to move away from slower forms of communication like email and getting into so-called presence communications like IM and VoIP, which are much more instant and dynamic. The trouble is that they also pose potential security risks by opening up a web based communications channel, which means that any company not adequately protected is then exposed to external threats.
ScanSafe, which provides a service that allows companies to block user access to inappropriate Web sites, including chat rooms and porn and gambling sites, recommends putting Web filtering in place and introducing a sensible policy that works for both employers and employees.
Ensuring staff are safe online is critical for both the individual and the business, but having an aggressive big brother policy can be detrimental, especially when you are trying to create an environment of trust and respect. Having the right technology in place and ensuring all of your staff understand where the company stands on Web security and personal Internet usage is the best way to achieve the right balance.
The following figures are taken from ScanSafes Web Threat Report for the second half of 2005 (July to December 2005). ScanSafes Threat Centre and web security experts analyse over three billion web requests every month. Key areas include Web usage and security, Web virus infection, and emerging Web threats:
* Spyware and Adware ScanSafe has seen a 265 per cent increase in the volume of Spyware and Adware during the second half of 2005, with the average number of Spyware and Adware threats blocked per client for the second half of this year growing from 2,280 in August to 8,320 in Nov
* Web viruses there has been a 165 per cent increase in new Web viruses in 2005 compared to 2004 the number of new viruses detected has sharply increased from 538 in 2004 to 1,185 during the first 10 months of 2005 (with 1,423 new Web viruses forecast for whole of 2005)
* Web browser vulnerabilities continually emerging as attackers focus on the Web as an area of network vulnerability. Protection of the Web by companies is weaker relative to email, network and desktop security. Areas of concern are: the emergence of vulnerabilities in Microsoft Internet Explorer; the administrative struggle to update patches in browser software; and advent of zero day exploits
* Migration to new communications tools as phishing and spam affect email, employees are migrating to other forms of workplace communications tools, including Instant Messaging (IM) which will have an impact on security.
* Popularity of RSS (Really Simple Syndication) poses a growing security threat people are starting to use RSS feeds to pull updated content via HTTP and XML rather than being pushed to them by SMTP. With this trend expected to increase in 2006, malicious code writers can take advantage by hijacking existing feed clients, causing automatic downloads of new worms and other web threats.