The recent popularity of social networking sites such as Facebook, MySpace and Bebo are costing UK corporations close to £6.5 billion annually in lost productivity, according to a poll conducted by Information security consultancy - Global Secure Systems (GSS) and Infosecurity Europe 2008 www.infosec.co.uk.
The poll was carried out amongst 776 office workers, who admitted to spending at least 30 minutes a day visiting social networking sites whilst at work, that’s a minimum of 10 hours a month which equates to 3 weeks of every year with two respondents who were so hooked that the spend 3 hours visiting these sites everyday!! The end result is potentially billions of pounds in lost productivity maintain GSS, plus the extra demand on bandwidth which is an additional cost to a business in terms of efficiency, maintenance and resources.
In a recent meeting held by Infosecurity Europe 2008 with 20 CISOs one of their biggest IT concerns for 2008 was how to manage social networking sites at work, with many estimating that between 15% and 20% of their current bandwidth is being taken up with social networking sites and for many the best move forward is to ban these sites altogether.
Claire Sellick – Infosecurity Europe Event Director said “It would appear that most CISO and IT Directors loathe social networking sites and if they had their way would ban them completely, but what is also coming across loud and clear is that the HR departments actually welcome the use of these sites – so there is a lot of internal pushing and shoving going on between HR and IT over how best to manage these sites.”
One FTSE100 CISO reported that they now block Facebook as it was consuming 30% of their bandwidth and they are looking to block both MySpace and e-bay as they consume 10% and 5% of the corporate Internet browsing bandwidth.
According to recent research by Computerweekly.com 63% of businesses are planning to monitor or limit staff access to these sites and 17% plan to ban access at work completely over the next 6 months.
David Hobson MD of GSS said “Social networking sites are now integral to the way that many of the latest and youngest recruits into the workforce communicate and work, so for some sectors social networking sites may have a part to play in terms of competitive advantage or used for research or as a marketing tool. It comes down to a fine balancing act – and mostly a case of introducing a “reasonable use” policy.”
“However, what is apparent are the serious security implications associated with social networking, where hackers, exploiters and extortionists are worming their way into these sites extracting all sorts of information on the members – our advice as always to anyone using these sites is to give as little personal information away as possible.” said Hobson.
GSS claims to have saved thousands of pounds a year by practicing what they preach by limiting access to Facebook and other social networking sites on its company network with Internet filtering software.
“Our Internet bandwidth requirements recently came up for review and it was suggested we would need an upgrade, costing a few thousand pounds more a year," said David Hobson, managing director of GSS.
"After analysing the traffic patterns, however, we realised that around 25 per cent of our Web usage was for social networking sites such as Facebook. After locking down this traffic and just allowing staff to view these sites during their lunch hour or after work, we found we didn't actually need to upgrade our bandwidth after all and have saved a considerable amount in the upgrade costs!" he added.
At Infosecurity Europe 2008 the subject of security and how to manage social networking vulnerabilities will be covered in a number of seminars and there is a keynote panel with Giles Hogben, ENISA, David Lacey, Member of the BCS Security Forum Strategic Panel and Martyn Croft, Head of Corporate Systems, The Salvation Army.
“Organisations have a very long way to go in getting to grips with the risks presented by social networking. Lost productivity is the tip of the iceberg. The threat of social engineering to hijack sensitive information is real and growing. And current acceptable use policies are far from acceptable: they are poorly written, maintained, communicated and enforced. There are also some big, political issues that have to be addressed such as how far to police or trust staff, and how to maintain thought leadership across highly networked groups of staff.” Said David Lacey, Member of the BCS Security Forum Strategic Panel.
"The Salvation Army, as a Christian church and charity, has a mission to spread the Christian message and to reach out to those in need - and we'll employ any tools we can to achieve that aim, whether we're working in the community or even in cyberspace. Social networking sites can be a great tool for reaching out to people, but they can easily consume vast amount of precious resources like staff time and network bandwidth and we need to ensure that all our resources are used wisely and effectively. We try to achieve an appropriate balance and have to ensure that our essential services are not compromised either by overuse of social networking sites, or by new vulnerabilities exposed through these websites." - Martyn Croft, Head of Corporate Systems, The Salvation Army.
Source: InfoSecurity
Social Networking Sites Costs UK plc £6.5 Billion In Lost Productivity
CIA warns businesses to beware hackers
Just weeks after MI5 warned banks and utility owners that hackers are targeting systems that control critical national infrastructure, the CIA has issued a similar warning to US operators.
CIA senior analyst Tom Donahue told an international Sans Instituteprocess control security conference last week that the agency had evidence from outside the US that hackers were blackmailing victims.
"We have information, from multiple regions outside the US, of cyber intrusions into utilities, followed by extortion demands," he told 300 officials, engineers and security managers from electric, water, oil & gas and other critical industry operators from the US, UK, Sweden, and the Netherlands.
"We suspect, but cannot confirm, that some of these attackers had the benefit of inside knowledge," he said. "We have information that cyber attacks have been used to disrupt power equipment in several regions outside the US. In at least one case, the disruption caused a power outage affecting multiple cities. We do not know who executed these attacks or why, but all involved intrusions through the internet."
In December the UK's Centre for the Protection of National Infrastructure wrote to 300 UK firms warning of hack attacks by "Chinese state organisations".
The UK and US authorities have developed checklists for any firm that believes it might be a target. For more information on the US's SCADA and Control Systems Survival Kit e-mail scada@sans.org. The CPNI's advice was updated last week.
Windows' Genuine Disadvantage
Recently it emerged that Microsoft is removing the "kill switch" from Vista.
When you install Vista, Microsoft claims that you consent to being spied upon, through the "Windows Genuine Advantage" system. This system tries to identify instances of copying that Microsoft thinks are illegitimate. This system includes a "kill switch" which allows Microsoft to remotely deactivate your copy of Vista. This deactivation, whether deliberate or by accident -- as has been the case in some 500,000 cases already according to a study last year -- locks you out of your computer, and forces you to contact Microsoft to get access to your files.
While they may have now ostensibly removed the kill switch from Vista, they have not updated the hostile license they say you must agree to in order to use Vista. Vista still restricts your freedom, because freedom at the whim of someone else is not freedom.
Read on...
Free software conference in Colombia
The first International Conference on Free Software, Technological Literacy and Solidarity Economy took place in Bogotá (Colombia) from 13th to 15th of November. More than 80 speakers and 600 assistants attended at the the Tequendama Hotel, a traditional meeting point in the city.
Bogotá, a city in the clouds
I’ve lived in Amsterdam for more than a year; in Amsterdam life takes place either a few metres above or a few meters below sea level. So getting used to Bogotá, at an altitude of 2.640 metres, takes a couple of days.
Read on...