Widespread failure to implement or enforce internet acceptable usage policies (AUPs) is leaving many U.K. companies open to potentially serious IT security breaches, newly published research has claimed.
The survey, conducted for network security provider SmoothWall, revealed that seven out of ten companies acknowledged that an AUP is crucial to the security of IT systems, but 38 percent went on to admit that their employees, who should be governed by such policies, are unaware of their contents.
Personal email (such as Hotmail and Gmail) was found to be used by more than 61 percent of respondents at work, while 41 percent admitted to using instant messaging applications such as Microsoft Messenger and Yahoo Messenger to communicate with friends and family. The rapidly growing popularity of Skype is also highlighted by that fact that 23 percent of respondents use Skype at work and presumably have loaded the Skype client on to their employers' computers.
The poll of more than 300 business internet users during November 2005 found that news sites are the most popular non-work-related sites, regularly visited by 85 percent of respondents. Shopping and auction sites were also found to be popular, with 40 percent shopping online from work and 37 percent using eBay and other auction sites.
"Employees are failing to take notice of the high profile incidents of employees being dismissed for accessing pornography at work, as more than a third of respondents said that they were aware of pornography being downloaded within their organization," said George Lungley, managing director, SmoothWall.
Although most organizations are prepared to allow a certain amount of non-work-related web browsing, the survey reveals much more than incidental usage. More than a third of respondents confessed to spending in excess of 30 minutes each working day accessing nonwork-related websites, while 22 percent spend more than an hour per day. Only 15 percent of respondents said they only accessed non-work-related sites during lunchtime and outside of core working hours.
A surprising 31 percent of respondents admitted to occasionally downloading music or videos over the internet while at work, with eight percent claiming to do it on a regular basis. Apart from the fact that downloading these large files consumes large amounts of internet bandwidth, employers could be considered to be complicit to any violation of copyright law.
"Companies are obviously still not enforcing internet usage policies. We recommend locking down corporate networks to all but essential business applications and strictly controlling access to nonwork-related websites during working hours," added Lungley.