By Dawn Kawamoto, 29 April 2004 08:45
NEWS Given the choice at work between personal use of the net or a morning cup of coffee, employees say the coffee can go, according to a survey released Wednesday by Websense, which makes software designed to let companies control employee net access.
The study also looked at security issues such as workers accessing online hacking tools, surfing websites that contain spyware and using instant-messaging tools that aren't sanctioned by their company. These issues are becoming more of a problem, as companies fold the net into the fabric of their operations.
"The real business issue is the number of incidents is real high," said Kian Saneii, vice president of marketing and business development at Websense. "But the interesting factor is the perception of [information technology] managers and employees."
Fifty-one per cent of employees surveyed said they spent only two hours a week on personal web surfing, while IT managers estimate that the figure is likely in excess of six hours. That may explain why 49 per cent of employees surveyed indicated that they would rather give up their morning coffee than the ability to surf the net at work.
Personal surfing at work creates more than productivity issues for companies, according to Websense. Online hacking tools, viruses and spyware are also fallouts, IT managers said.
"Some employees take their laptops home and use their own time to download a movie. They may access a site where there's spyware or a virus and then they bring their laptop back to work and don't realise they've exposed people on their network. Usually, these things aren't malicious acts by employees," Saneii said.
But there are other cases, in which employee actions are deliberate and harmful. The survey found that although only two per cent of employees said they've used online hacking tools at work, a third of IT managers said employees have launched a hacking tool within their network.
Spyware is another area where employees and IT managers have divergent opinions on how much infection occurs at work. Six per cent of employees surveyed said they've inadvertently downloaded spyware, whereas 92 per cent of IT managers estimate that their companies have been infected by spyware at some point. IT managers, 40 per cent, also noted such infections are on the rise.
But IT managers have created some of the problems they're encountering. While 95 per cent of IT managers say their antivirus software is able to prevent viruses from attacking their company's network, two-thirds of these managers reported that a web-based virus such as MyDoom or Nimda has infected their network.
Meanwhile, roughly two-thirds of IT managers surveyed said their companies do not have a corporate instant-messaging system, even though roughly 17 per cent of employees use IM at work, and a portion of those people send attachments via IM.
Dawn Kawamoto writes for CNET News.com
Comments
There are 5 comments. Join the discussion
1. anonymous
The price of web enabled devices, PC's even laptops now should mean that no one needs to surf the web for personal reason or even send private emails using corporate resources.
2. anonymous
You go to work to WORK not mess about on the web. I find Silicon a very valuable resource but sometimes wonder how much time people spend writing these comments during office hours.
P.S, I am writing this in my car during lunch on my own laptop using my own vodafone modem, i.e I am not using any corporate resources.
3. Dave Nicholls
This article seems to have an odd slant on some of these figures. For example:
"Spyware is another area where employees and IT managers have divergent opinions on how much infection occurs at work. Six per cent of employees surveyed said they've inadvertently downloaded spyware, whereas 92 per cent of IT managers estimate that their companies have been infected by spyware at some point. IT managers, 40 per cent, also noted such infections are on the rise."
Why are these opinions seen as divergent? If 6% of users have introduced spyware then an IT manager with 17 users is highly likely to have seen an infection. The more users, the more likely it is to have hit a particular Manager.
Another example:
"Meanwhile, roughly two-thirds of IT managers surveyed said their companies do not have a corporate instant-messaging system, even though roughly 17 per cent of employees use IM at work, and a portion of those people send attachments via IM."
OK, two thirds of companies don't have IM, that means a third (or 33%) of companies do. So why is 17% of employee users surprising?
I find these sorts of surveys useful, to a point, but comparing mismatched statistics, apparently simply to make a point, is very misleading.
4. anonymous
Trust a consultant to point out the blindingly obvious... But has it occurred to anyone the products such as websense can also stifle creativity and productivity if deployed in an over zealous manner.
5. R A Marshall
Surely you have to be an absolute tw*t to get your machine infected with an email virus..?
There is simply no excuse for it. I mean, nobody but an utter moron opens the attachment on an email with the text "That file you asked for" or "Britney nude pics". I am amazed at the number of mass mail virus emails I get - am I undersetimating the stupidity of corporate employees or overestimating the level of security being provided?
Forgive my naivete - I don't use Windows OS if I can avoid it, so I am not exposed to so many malware and scumware threats - but isn't it just a question of properly warning, training...and limiting the net usage of workstation users - and only giving laptops to employees with at least half a brain and then training them on the threats of the web?
If I were a concerned IT manager I would install (or write if necessary) an app that isolates and quarantines a laptop whenever it makes a new connection to the company network and checks whether it has been connected to the web since it was last used on the network. If it hasn't, no action need be taken and a network connection can be established. If the laptop has been connected to the web (eg at home), a full virus scan with hermaneutics should be run.
I really can't see a problem provided users behave like adults and administrators and nwtwork security vendors think a little crreatively.
(PS I am writing this on my own time...)