Download - 1st annual social media risk index
www.pandasecurity.com
1st Annual
Social Media Risk Index forSmall to Medium Sized Businesses
Panda SecuritySeptember 2010
www.pandasecurity.com
Survey InformationSurvey goal • Uncover top concerns among SMBs about social media, and draw correlations with actual incidence of malware and ultimately financial loss
Who was surveyed? • 315 representatives from U.S.‐based companies with 15‐1000 employees
• All participants involved in setting and/or enforcing policies related to network activities
Timeframe• Survey conducted during the month of July 2010
2
www.pandasecurity.com
Major ConclusionsNearly a third of SMBs have been infected by social media malware35% of those infected suffered a financial loss, with more than a third of those companies reporting $5,000+ in losses Facebook is driving the majority of social media‐related infections as well as employee privacy violationsMore than half of SMBs have adopted a social media governance policy, including 25 percent blocking employees from accessing popular social media sites via gateway appliances and/or cloud solutions
3
www.pandasecurity.com
Does your business currently use social media tools?
4
www.pandasecurity.com
Which of the following tools does your business have active accounts with? (Please check all that apply)
5
www.pandasecurity.com
What are the primary reasons employees use social media tools at your organization?
6
www.pandasecurity.com
Is personal use of social media allowed at work?
7
www.pandasecurity.com
Is personal use of social media allowed on company computers during non‐working hours?
8
www.pandasecurity.com
Are there any disallowed social media activities for employees?
9
www.pandasecurity.com
Which of the following activities are disallowed? (Please check all that apply)
10
www.pandasecurity.com
Does your company actively block social media sites from employees?
11
www.pandasecurity.com
How does your company block employees from accessing social sites? (Please check all that apply)
12
www.pandasecurity.com
Does your company have a social media governance policy in place for employees?
13
www.pandasecurity.com
Do you have personnel to actively enforce the policy?
14
www.pandasecurity.com
Does your organization plan to formalize a social media policy within the next six months?
15
www.pandasecurity.com
Is training about social media benefits and risks made available to employees?
16
www.pandasecurity.com
What are your biggest concerns about social media right now? (Please check all that apply)
17
www.pandasecurity.com
How knowledgeable is your company about the risks of social media?
18
www.pandasecurity.com
How knowledgeable do you perceive your company’s employees to be about the threats posed by social media?
19
www.pandasecurity.com
Has your business ever experienced any of the following as a result of social media use by employees? (Please check all that apply)
20
www.pandasecurity.com
For those suffering privacy violations: What social networking site did the privacy violation stem from? (Please check all that apply)
21
www.pandasecurity.com
For those suffering privacy violations: After the privacy violation occurred, did your company change its policies regarding social media usage by employees?
22
www.pandasecurity.com
For those suffering from infections: What social networking site did the malware or virus infection stem from? (Please check all that apply)
23
www.pandasecurity.com
For those suffering from infections: Were there any financial losses resulting from the malware or virus infection?
24
www.pandasecurity.com
For those suffering from infections: What were the estimated monetary losses from the infection?
25
www.pandasecurity.com
Is an updated antivirus installed on all employee computers?
26
www.pandasecurity.com
Does your business currently have web content filtering controls in place?
27
www.pandasecurity.com
The solution to Social Media threats? Panda Cloud Internet Protection (PCIP)PCIP provides policy‐driven secure web access delivered by and managed throughthe cloud, combining protection against web‐borne threats with data leakprevention and granular reporting of all Internet activities. By shifting securitymanagement and implementation to the cloud, PCIP increases businesses’ controlover web‐based activities while saving time and money.• Advanced threat protection: Beyond URL filtering, protect against Web 2.0
attacks, etc.• Controlled access: You can control every aspect of your employees’ behavior –
which websites, how long, how much bandwidth, etc• Fine Granularity: Control if employees can view or post on websites, use IM,
which file‐types allowed, etc.• Correlated reports: In a single console, view your policies, transaction‐level
reports, analysis across all services (secure, web access, DLP)
28