1st annual-social-media-risk-index

www.pandasecurity.com

1st Annual

Social Media Risk Index forSmall to Medium Sized Businesses

Panda SecuritySeptember 2010


Survey InformationSurvey goal • Uncover top concerns among SMBs about social media, and draw correlations with actual incidence of malware and ultimately financial loss

Who was surveyed? • 315 representatives from U.S.‐based companies with 15‐1000 employees

• All participants involved in setting and/or enforcing policies related to network activities

Timeframe• Survey conducted during the month of July 2010

2


Major ConclusionsNearly a third of SMBs have been infected by social media malware35% of those infected suffered a financial loss, with more than a third of those companies reporting $5,000+ in losses Facebook is driving the majority of social media‐related infections as well as employee privacy violationsMore than half of SMBs have adopted a social media governance policy, including 25 percent blocking employees from accessing popular social media sites via gateway appliances and/or cloud solutions

3


Does your business currently use social media tools?

4


Which of the following tools does your business have active accounts with? (Please check all that apply)

5


What are the primary reasons employees use social media tools at your organization?

6


Is personal use of social media allowed at work?

7


Is personal use of social media allowed on company computers during non‐working hours?

8


Are there any disallowed social media activities for employees?

9


Which of the following activities are disallowed? (Please check all that apply)

10


Does your company actively block social media sites from employees?

11


How does your company block employees from accessing social sites? (Please check all that apply)

12


Does your company have a social media governance policy in place for employees?

13


Do you have personnel to actively enforce the policy?

14


Does your organization plan to formalize a social media policy within the next six months?

15


Is training about social media benefits and risks made available to employees?

16


What are your biggest concerns about social media right now? (Please check all that apply)

17


How knowledgeable is your company about the risks of social media?

18


How knowledgeable do you perceive your company’s employees to be about the threats posed by social media?

19


Has your business ever experienced any of the following as a result of social media use by employees? (Please check all that apply)

20


For those suffering privacy violations: What social networking site did the privacy violation stem from? (Please check all that apply)

21


For those suffering privacy violations: After the privacy violation occurred, did your company change its policies regarding social media usage by employees?

22


For those suffering from infections: What social networking site did the malware or virus infection stem from? (Please check all that apply)

23


For those suffering from infections: Were there any financial losses resulting from the malware or virus infection?

24


For those suffering from infections: What were the estimated monetary losses from the infection?

25


Is an updated antivirus installed on all employee computers?

26


Does your business currently have web content filtering controls in place?

27


The solution to Social Media threats? Panda Cloud Internet Protection (PCIP)PCIP provides policy‐driven secure web access delivered by and managed throughthe cloud, combining protection against web‐borne threats with data leakprevention and granular reporting of all Internet activities. By shifting securitymanagement and implementation to the cloud, PCIP increases businesses’ controlover web‐based activities while saving time and money.• Advanced threat protection: Beyond URL filtering, protect against Web 2.0

attacks, etc.• Controlled access: You can control every aspect of your employees’ behavior –

which websites, how long, how much bandwidth, etc• Fine Granularity: Control if employees can view or post on websites, use IM,

which file‐types allowed, etc.• Correlated reports: In a single console, view your policies, transaction‐level

reports, analysis across all services (secure, web access, DLP)

28

1st annual-social-media-risk-index

Documents