Acceptable Use Policies poorly understood or non-existent at a majority of British firms
• 31% of British firms don’t have an acceptable use policy (AUP)
• Blogging not covered at all by those companies who do
• Only a small percentage of AUPs cover IM and Web mail
A recent survey by network content technology firm Chronicle Solutions has shown that British companies have a long way to go in order to protect themselves and employees from abnormal Internet practices at the office.
More than 30% of respondents said they did not have an acceptable use policy (AUP) for the Internet at work, and of those who did, 94% said they had not read it recently. A full 42% said they had not read it in the last year, whilst 33% could not recall when they had seen it last.
Perhaps most interestingly, given the recent media attention paid to the petiteanglaise case, blogging appears to have slipped from anyone’s list of prescribed online activities in the workplace. Literally no one surveyed indicated blogging as an Internet activity banned or even covered by their employer’s AUP.
David Lacey, Internet security consultant and founder of the Jericho Forum, commented: “These findings are a matter of serious concern. Corporate reputations can be damaged by errant bloggers, fraud can be perpetrated via email, proprietary information can be leaked or sold for profit, private employee data can be shared, sexual harassment can be perpetrated, all on workplace PCs. Instant messaging and Web mail in particular are two of the most persistent vectors of information leakage, yet even those look to be absent from most AUPs.”
The survey also found that less than 5% of AUPs cover P2P file sharing, and that only 33% of employers ask new hires to read, agree and then sign off on the company acceptable use policy when they join. Astoundingly, the survey also showed that a massive 80% of respondents aren’t certain if there are penalties for breaching their company’s AUP.
Alan Watkins, executive chairman of Chronicle Solutions, commented: “The apparent reluctance of employers in the UK to develop and then enforce well-defined policies for the use of company computing assets, leaves them exposed to a universe of potential hazards. British companies must take steps to implement, regularly update and then police a comprehensive AUP and ensure that all employees understand their responsibilities.”
NOTES TO EDITORS
Chronicle Solutions sponsored the survey of working age Britons. Primary research was conducted from February 5th to 9th, 2007.
About Chronicle Solutions
Chronicle Solutions publishes netReplay, the world’s first Enterprise-class Network Content Recorder, which in real-time monitors, captures and text indexes all user communications – including email, web mail, IM, blogs and VoIP. netReplay offers a unified approach where all these types of communication are monitored and stored in a single system. netReplay handles previously un-manageable volumes of data and allows user communication to be replayed as the user saw it, enabling suspect content to be visually tracked and traced. With netReplay customers in highly regulated industries and government can mitigate risks, enforce compliance with regulations and benefit from eDiscovery.
For further information please visit www.chroniclesolutions.com