New research commissioned by Webroot, the first Internet security service company, shows companies are becoming more vigilant when it comes to their employees’ use of social networking sites. The survey of more than 1,000 businesses from the United States and United Kingdom with up to 500 employees found most (81 per cent) have an employee Internet policy. Half (50 per cent) say employees are not permitted to visit any social networks via a company computer or laptop.

“Clearly the potential impact of social networks as a threat vector has hit home for IT administrators,” said Gerhard Eschelbeck, CTO of Webroot. “One in six of those we surveyed said a social networking site or Web 2.0 application was the source of an infection or attack and over half of companies said their network was infected with spyware this year. Every company needs to develop a policy for social networking use and should also deploy reliable Web security services for ongoing protection against zero-day threats.”

Just as new variants of the Koobface social networking worm continue to evolve, so are company policies - some have made changes as a result of an employee’s misuse of these sites:

42 per cent have implemented an Internet use policy as a result of an employee’s inappropriate use of social networking site; more than one-third (34 per cent) deployed a Web security product to monitor Internet use and enforce policies;
Four in ten of those polled (39 per cent)have an Internet use policy that  prohibits employees from visiting Facebook, 30 per cent block access to Twitter and 27 per cent from video-sharing sites like YouTube;
Two in ten SMBs (21 per cent) only allow employees to visit social networking sites during specific times (lunch break, after work hours, etc.);
16 per cent grant certain departments (e.g., marketing) permission to visit specific social networking sites.
Additional Findings:

Concern about threats via social networking sites remains high.

More than half of those polled (53 per cent)  say they are very or extremely concerned about malware infections via social networks;
Two out of five (42 per cent) are very or extremely concerned about data leakage through social networking sites.
Many SMBs say they were victims of security breaches in 2010.

Nearly one-third (30 per cent) say Web-based threats caused the biggest security headache for them in 2010;
More than one in ten (12 per cent) say sensitive company information has been released via their employee’s use of social networking sites;
50 per cent were victims of a virus or worm; while four in ten say they experienced a phishing attack this year.
Webroot’s portfolio of security services for businesses includes Webroot® Web Security Service, which provides URL and web content filtering, plus protection against Web-based malware threats for on-site and mobile employees; and Webroot Email Security Service, which delivers advanced protection against spam, viruses and data loss. Both solutions are designed to provide businesses with enterprise-class security with better manageability, better value and better protection than on-premise security solutions.

About the Research
Between October 29 and November 3, 2010, Webroot sponsored an online survey of businesses with 500 and fewer employees. Invitations to participate were emailed by e-Rewards to panel members in the United Kingdom and the United States. Respondents qualified for the survey if they were purchase decision makers for email or Web security. At the 95 percent confidence level the margin of error is ±3.0 percentage points for the full sample of 1,087 respondents, ±3.6 points for the US sample of 751 and ±5.4 points for the UK sample of 336