The study presented by Entensys (www.entensys.com) was completed in April-June, 2009. The results are based on the analysis of websites visited by 41,200 employees in 1,600 enterprises.
In the end of 2008, Entensys released a new version of UserGate Proxy & Firewall that included a content filtering tool. This feature enables the administrator to allow or deny users access to certain categories of websites. We have analyzed information collected over the course of three months. The normal divergence was found to be within the range of 0.1% to 1.5%, depending on the category. Thus, taking into account the specifics of data samples, the results can be considered reliable. The study was devoted solely to the usage of Internet at work. The reliability of the data samples is confirmed by the fact we analyzed information provided by enterprises from different industry sectors. The study revealed several categories of facts that might be of some interest to information security officers, network administrators, managers and business owners.
The first category includes facts associated with Internet abuse at work.
Over 20% of employees visit social network sites, blogs and personal sites daily. Thus, one of five employees spends a portion of time paid for by their employer socializing on the Web. Due to certain characteristics of such resources, these chats take considerably more time than chats over instant messengers (IMs) and, in the majority of cases, are not related to work.
A more discrete assessment of the rating chart shows that if we put together such categories as “Entertainment and Games”, “Video hosting sites”, “Personal online storage”, “Pornography and Adult sites” and others, we get another 26% of employees who visit non-work related sites at work, in addition to those who visit social networks.
In addition, 3.6% of employees visit online gaming resources on a regular basis. While the percentage of such employees is rather small, the magnitude of total business time spent on gaming may be quite considerable.
The second category deals with the costs of Internet traffic.
A relatively small number of employees (3%) who visit video hosting sites may, as a matter of fact, cost their employers a lot in terms of traffic expenses, channel bandwidth and general network performance. The same effects are caused by the employees who use their personal online file storages and buy and download music files at work.
The last category of websites on the rating chart, which is used by only 0.1% of employees surfing peer-to-peer networks, is still a vital threat to employers. In peer-to-peer (P2P) networks, data is constantly downloaded and uploaded, and several connections are kept alive at the same time. This is equivalent to several dozen users who download and send large volumes of data at once. Moreover, the use of P2P networks often implies transfer of data protected by copyright and other rights, which may result in lawsuits against the company from whose computer a P2P application was used. Potential threats to network security constitute the third and the most significant category of facts.
Rating chart available in the report indicates that 3.3% of employees come across websites that contain malicious software. With no virus protection and application filtering, visits to such resources may result in the loss or misappropriation of corporate information, followed by a number of distressing consequences.
Follow the link below to access the full version of the research http://www.entensys.com/products/productreviews.php?ID=1905.