Employees using company computers to access social networking sites pose a real danger to the integrity of the firm's IT defenses.
As the fad for going online with social network chat rooms and other services grows, the process is beginning to worry IT managers and to represent a serious challenge to company discipline.
Studies are being conducted across the Internet attempting to quantify and characterize this phenomenon.
One such study includes a sampling of corporate America's top IT executives and reveals today's corporations do not have formal policies in place to manage and thus prevent data breaches/network attacks arising from employee social networking, such as instant messaging and surfing social community sites like MySpace.com.
The survey was conducted Mid-April during the twice-annual Storage Networking World Conference (SNW), an event designed specifically for IT executives and managers. Co-owned by Computerworld and the Storage Networking Industry Association, SNW is the world's largest IT storage networking event.
Other surveys being conducted show the growth is particularly threatening to smaller companies with less sophisticated IT protection systems.
As online social networking has increased with popular sites such as MySpace.com and Second Life as well as the use of instant messaging technology, IT executives are faced with a growing concern of protecting their computer networks from viruses and other attacks that can penetrate an IT enterprise from them.
Two-thirds of the conference attendees participating in the survey said their companies have no formal social networking policy in place. Of the 33 percent that do have policies in place, 77 percent said their policies covered "selective blocking" while 23 percent said they blocked all external networking.
"These responses show that IT executives are far more concerned with internal threats than they are with the connections the employees are making to external networks," said Thornton May, futurist and Computerworld columnist who was also a featured presenter at SNW. "The only way IT executives can remedy this situation is to institute policy."
Other results from the survey also addressed encryption and computer network downtime. About 54 percent of the conference attendees participating in the survey said their companies had no encryption, while 29 percent only encrypt laptops. About 8 percent encrypt all their company's PCs while 9 percent said "everything" (USBs, etc.) is encrypted.
Also, one-third of the responses said human error was to blame for downtime in IT networks. About 22 percent said IT resource upgrades were a main cause of networks not operating; 15 percent cited "service" failures and 18 percent pointed to network outages.