Is social networking a threat to your security?

Social networking sites could be exposing consumers and businesses to increased security risk, it has been claimed.

According to credit information provider Equifax, fraudsters could make off with users' personal information in order to commit ID theft - and the company is urging web users to limit the amount of info they post online.

Neil Munroe, external affairs director for Equifax, said in a statement: "The problem is that people don't realise the significance of the kind of information they are putting out on the web and who may be accessing it." He cited details such as date of birth, email, job and marital status as the kind of data frequently posted online by unwary users.

Munroe added: "Fraudsters can use this information to steal an individual's identity and open accounts in their name."

And Mark Murtagh, technical director of security company Websense, warned the rise of web 2.0 applications is creating "security and productivity challenges" for European small businesses.

When it comes to web security, research from Websense highlighted what it dubbed SME workers' 'blind confidence' in their IT departments - 66 per cent of workers believe in-house techies are protecting them from all internet security threats. Moreover, it found the vast majority (98 per cent) of IT managers believe their technology and security processes are adequate, while more than half (53 per cent) believe their company is very well protected against security threats. A quarter even feels completely immune.

This is dangerous complacency, said Websense. Out of a list of nine potential security risks, the survey showed that not a single company protects against all threats.

And while the majority (84 per cent) of European SMEs said they do have internet usage policies, only a quarter (25 per cent) ensure employees sign them. And fewer than half (47 per cent) automate their policies by using web filtering software. In addition, the survey found 15 per cent of businesses believe firewall and antivirus solutions are sufficient protection for their business.

The issue of data theft should be of particular concern for SMEs, according to Websense - not least because close to half (45 per cent) of survey respondents admitted to engaging in activity that could put their company's data at risk.

Murtagh blamed "smaller IT budgets and fewer technical staff" for punching holes in SMEs' internet security systems but also emphasised the data-theft risk resulting from companies' failure to control the use of peer-to-peer applications or to block access to phishing websites.

According to the survey, only six per cent of SMEs block iPods or other USB-based storage devices; 22 per cent block peer-to-peer apps; 30 per cent block instant messaging attachments; and 31 per cent block phishing sites. Meanwhile, a quarter of SME staff surveyed said they could not live without P2P file-sharing during their work day and 17 per cent said they use free software download websites at work.

The Websense study questioned 750 IT managers and general employees in companies with up to 100 to 250 employees in France, Germany, Italy, the Netherlands and the UK.

Equifax has issued a list of top tips for users of Facebook et al, including the following:

• set up privacy on your profile so only close friends can view it
• don't use common verification such as your date of birth or your mother's maiden name
• be wary of the intentions of anyone you meet on these sites