IT pros careless with web security

gallery

IT professionals are twice as likely to use social networking sites while at work as regular employees, according to a new survey from Microsoft and security firm Facetime.

A fifth of those have replied to a complete stranger over such services and 17 per cent have downloaded an application without checking its security.

And even though they should be well versed in the dangers of identity theft, IT professionals are more careless with their personal data on such sites. Four out of ten have joined networks replete with strangers (compared to just 29 per cent of regular employees), 35 per cent have posted their date of birth, and 27 per cent have published their home address on sites such as Facebook and MySpace.

Microsoft says the attitude of IT professionals is alarming. "We assume IT pros are more technical and aware of things like phishing, but our research suggests the contrary," said Stephen Lamb, IT security evangelist at Microsoft.

Facetime suggests that complacency may be to blame. "We [IT pros] think we know it all, and we don't put enough thought into security," said Chris Boyd, security research manager at Facetime. "I had a call from an IT professional who was caught by a MySpace music group hack. This guy said 'I know what I'm doing' but he switched his brain off."

Boyd admitted that the only way to completely mitigate security risks from certain social networking sites is to blacklist them. However, Microsoft - which runs its own social networking site and is an investor in Facebook - claims better user education can reduce the danger.

"People don't appreciate the risks," said Lamb. "We need to raise awareness that things people believe are only open to a group of friends are in the public domain."

Email to a friend

Print this page