SMBs Deal with Social Networking Privacy, Security Challenges

A new survey from Panda Security found small to midsized businesses are embracing sites like Facebook, Twitter and YouTube even as they deal with security and privacy risks.

Social networking has its upside, but a new poll by Panda Security shows it is also introducing its share of risks to small to midsized businesses (SMBs) in the United States.

In the July survey, researchers discovered nearly 33 percent of participants had experienced a malware infection from social networking and media sites like YouTube. Facebook was the main source of headaches in this regard-with 71.6 percent of those saying they had been victimized by an infection on social networks.

"Social media is now ubiquitous among SMBs because of its many obvious business benefits, yet these tools don't come without serious risks," said Sean-Paul Correll, threat researcher at Panda Security, in a statement.

The researchers surveyed 315 people from organizations with up to 1,000 employees. For them, Twitter was named as the culprit by many of those reporting privacy violations (51 percent). Of the companies that suffered financial losses from those violations, 62 percent cited Facebook as the site where those losses most commonly occurred.

Roughly 35 percent of those infected took a financial hit, with more than a third of those companies reporting $5,000 or more in losses.

Concerns about privacy and security, however, have not deterred SMBs from seeing the benefits of social media. Seventy-eight percent of respondents reported they use social media sites as tools to support research and competitive intelligence, improve customer service, drive public relations and marketing initiatives, and directly generate revenue. Again, Facebook leads the way, with more than 69 percent stating their business has active accounts with it. Approximately 44 percent had Twitter accounts, while 32 and 22.9 percent had YouTube and LinkedIn accounts, respectively.

Nearly 57 percent of SMBs surveyed have a social media governance policy in place, with 81 percent using employees to actively enforce those policies. In addition, some 64 percent of respondents reported having formal training programs in place to educate employees on the risks and benefits of social media.

The most commonly disallowed social media activities include playing games (31.7 percent), publishing inappropriate content on social media sites (30.7 percent) and installing unapproved applications (25.2 percent). Roughly 25 percent of those surveyed said their companies said they actively block popular social media sites for employees.

"While a relatively high number of SMBs have been infected by malware from social sites, we were pleased to see that the majority of companies already have formal governance and education programs in place," Correll added. "These types of policies combined with up-to-date network security solutions are required to minimize risk and ultimately prevent loss."