Over half of UK businesses have no IM, VoIP policy

gallery

Over half of UK businesses lack policies on IM and VoIP usage in the workplace, according to a new report.

The survey of 526 UK IT directors and employees by online polling firm YouGov and sponsored by security firm Symantec, found that 54 per cent of businesses have no specific policies in place relating to the use and management of email, instant messaging (IM) and voice over internet protocol (VoIP).

Only 6 percent of businesses admitted that they had been a victim of any security breaches via these applications. The study also found that 23 per cent of employees revealed that they have been exposed to a security threat, or know of someone that has.

While just over half of respondent viewed email as a critical part of their business operations, the survey found that 26 per cent of companies said they conducted a significant amount of business via IM and VoIP.

But embracing email, VoIP and IM hasn't translated into corporate polices. 46 per cent of companies noted that strict company policy for email was adhered to by employees. But only 26 per cent had strict company procedures enforced for IM and VoIP.

Fredrik Sjostedt, Symantec's Enterprise Messaging Management product manager said that using IM and VoIP meant that companies had "to ensure that they now employ the correct security policies and procedures to prevent possible attacks."

"We encountered a similar situation when email first became recognised as a critical business tool and have grown to understand more about how it needs to be managed. If we are to avoid making the same mistakes, businesses must act now to secure all communications technologies, or the potential risks and implications could be huge," he said.

Experts said that companies must have solid protection policies and strategies in place. David Emm, senior technology consultant at anti-virus company Kasperksy Lab said this includes clear policies on managing applications.

"Companies must understand which applications their users are running, including IM, and have a solution in place allowing them to block those that are inappropriate," he said.

Emm added that this helped in a number of ways by blocking unsanctioned applications as per the company's security policy and reducing cost by blocking unwanted bandwidth "throttlers" that can slow down critical business systems.

He said that such solutions help mitigate the risk of malware entering the network. "In the event of a zero-day or other outbreak targeting a specific application, centralised administration controls allow the administrator block targeted application from running, without causing downtime or interruption to the worker," said Emm.

Email to a friend

Print this page