A survey from Panda Security finds social networking sites can be dangerous for SMBs, but their benefits remain alluring.
A survey from cloud security specialist Panda Security of 315 small
to medium-size businesses with up to 1,000 employees revealed 33
percent of these companies had experienced a malware or virus infection
from social networks, with 23 percent citing employee privacy
violations resulting in the loss of sensitive data. In addition, 35
percent of survey respondents that were infected by malware from social
networking sites suffered a financial loss, with more than a third of
those companies reporting losses in excess of $5,000.
The survey, Panda's first annual Social Media Risk Index, found SMB's
top concerns with social media include privacy and data loss (74
percent), malware infection (69 percent), employee productivity loss
(60 percent), reputation damage (50 percent), and network
performance/utilization problems (29 percent).
However, these concerns are not deterring SMBs from reaping the
business benefits of social media as 78 percent of respondents reported
that they use these tools to support research and competitive
intelligence, improve customer service, drive public relations and
marketing initiatives and directly generate revenue.
"Social media is now ubiquitous among SMBs because of its many
obvious business benefits, yet these tools don't come without serious
risks," said Sean-Paul Correll, threat researcher at Panda Security.
"In Panda's first annual Social Media Risk Index, we set out to uncover
the top SMB concerns about social media and draw a correlation to
actual incidence of malware infection, privacy violations and hard
Facebook was found to be the most popular social media tool among SMBs:
Sixty-nine percent of respondents reported that they have active
accounts with this site, followed by Twitter (44 percent), YouTube (32
percent) and LinkedIn (23 percent). The popular social networking site
was also cited as the top culprit for companies that experienced
malware infection (71.6 percent) and privacy violations (73.2 percent).
YouTube took the second spot for malware infection (41.2 percent),
while Twitter contributed to a significant amount of privacy violations
(51 percent). For companies suffering financial losses from employee
privacy violations, Facebook was again cited as the most common social
media site where these losses occurred (62 percent), followed by
Twitter (38 percent), YouTube (24 percent) and LinkedIn (11 percent).
To minimize the risks associated with social media, 57 percent of SMBs
currently have a social media governance policy in place, with 81
percent of these companies employing personnel to actively enforce
those policies. In addition, 64 percent of companies reported having
formal training programs in place to educate employees on the risks and
benefits of social media. The majority of respondents (62 percent) did
not allow the personal use of social media at work.
"While a relatively high number of SMBs have been infected by malware
from social sites, we were pleased to see that the majority of
companies already have formal governance and education programs in
place," Correll said. "These types of policies combined with up to date
network security solutions are required to minimize risk and ultimately
The most common disallowed social media activities include: Playing
games (32 percent); publishing inappropriate content on social media
sites (31 percent); and installing unapproved applications (25
percent). In addition, 25 percent of companies said that they actively
block popular social media sites for employees, mainly via a gateway
appliance (65 percent) and/or hosted Web security service (45 percent).