Report: Security Concerns Hinder Adoption Of Web 2.0, Social Networking In Business

• Sep 27, 2010

McAfee Inc. recently revealed that business leaders worldwide see the value of Web 2.0 in supporting productivity and driving new revenue -- but remain deeply concerned about security threats associated with deploying the technology.

A survey of more than 1,000 global business decision-makers in 17 countries found that half of businesses were concerned about the security of Web 2.0 applications such as social media, microblogging, collaborative platforms, web mail, and content sharing tools.

More than six out of 10 organizations have already suffered losses averaging $2 million, for a collective loss of more than $1.1 billion in security related incidents last year. There was another 60 percent concerned about loss of reputation as a result of Web 2.0 misuse. Brazil, Spain and India led in adoption of Web 2.0 technology for business, while adoption was lowest in Canada, Australia, the United States and the United Kingdom.

The report, titled “Web 2.0: A Complex Balancing Act – The First Global Study on Web 2.0 Usage, Risks and Best Practices” commissioned by McAfee and authored by faculty affiliated with the Center for Education and Research in Information Assurance and Security (CERIAS) at Purdue University, examines the drivers for Web 2.0 and social networking use in business, and assesses their benefits and risks. Overall, the research highlights that while organizations see the potential value of Web 2.0 tools, decision makers continue to debate whether or how to allow employee usage of the technology in the workplace.

“Web 2.0 technologies are impacting all aspects of the way businesses work,” said George Kurtz, chief technology officer for McAfee. “As Web 2.0 technologies gain popularity, organizations are faced with a choice -- they can allow them to propagate unchecked, they can block them, or they can embrace them and the benefits they provide while managing them in a secure way.”

Key Report Findings:

• Web 2.0 adoption rates vary across countries -- Overall, Web 2.0 adoption rates are high, reaching 90 percent or above in Brazil, Spain and India. Adoption is lowest in the United States, United Kingdom, Australia and Canada.
• New revenue streams are the highest driver of Web 2.0 adoption -- Three out of four organizations reported that expanded use of Web 2.0 technologies create new revenue streams while 40 percent said the tools have boosted productivity and enhanced effective marketing strategies.
• Security is the leading concern -- Half of respondents named security as their primary concern for Web 2.0. There was also a third that identified fear of security issues as the main reason Web 2.0 applications are not used more widely in their business. Companies’ top four perceived threats from employee use of Web 2.0 are malicious software (35 percent), viruses (15 percent), overexposure of information (11 percent) and spyware (10 percent).
• Reputation damage is the biggest business consequence -- Sixty percent of companies reported that the most significant consequence from inappropriate Web 2.0 and social media usage is loss of reputation, brand, client or confidence. One third of respondents reported unplanned investments related to “work arounds” related to social media in the workplace. Fourteen percent of organizations reported litigation or legal threats caused by employees disclosing confidential or sensitive information, with more than 60 percent of those threats caused by social media disclosures.
• Many businesses block Web 2.0 rather than put policies in place -- Worldwide, 13 percent of organizations block all Web 2.0 activity while 81 percent restrict the use of at least one Web 2.0 tool because they are concerned about security. Yet almost one third of organizations reported that they do not have any social media policy in place. A quarter of organizations monitor how staff use social media and 66 percent have introduced social media policies, 71 percent of which use technology to enforce them.
• Executives and industry experts who contributed to the research agreed that successful organizational use of Web 2.0 is a complex balancing act. Enterprises must analyze business challenges and opportunities while mitigating the risks and ensure staff training and robust technologies are in place to avoid cyber attacks.

“Web 2.0 and social networking technologies can be used effectively for some business purposes,” said Eugene H. Spafford, founder and Executive Director of CERIAS. “But to reap the benefits of Web 2.0, organizations must be proactive about understanding and managing the corresponding challenges. That involves putting the right policies in place, and deploying the technology that can enforce those policies.”