Cost of Security Incidents Due to IM and Greynet Use More than Doubles in One Year Wednesday 17 October 2007 PDF Print Third Annual Survey Reveals the Financial Impact of Greynets is Growing, Costing Companies More Than $289,000 per Year on Average Employees Continue to Believe They Have the Right to Download Applications of Their Choice on Work PCs UK, October 17th, 2007 — FaceTime Communications, the leading provider of solutions that control greynets and manage unified communications in the enterprise, today announced the results of its annual survey, “Greynets in the Enterprise: 3rd Annual Survey of Trends, Attitudes and Impact.” In September 2007, data was collected in a survey of more than 700 employees and IT managers to determine the impact greynet applications have on companies and organizations. Greynets – real-time consumer applications (e.g instant messaging, P2P, VoIP) that are often introduced by individual end users and use highly evasive techniques to traverse the network – pose myriad network and information security risks because they provide vectors for malware, intellectual property loss, identity theft and compliance risks. According to the study, greynet use has increased dramatically within the workplace. An average of nine greynets are in use within the typical organization, and 99 percent of IT managers report at least one greynet in use at their locations. In spite of deploying security infrastructure such as firewalls and IPS products, nine in 10 IT managers have experienced a greynet-related security incident in the last six months. In fact, only about 3 percent have avoided greynet-related security incidents during this period. While some greynets such as Skype, instant messaging (IM) and Web conferencing have legitimate business uses, IT requires visibility and control to ensure their safe and productive use. With other greynets, such as P2P file sharing, video streaming and anonymizers, the risks might outweigh the benefits and organizations need the ability to accurately detect and block them. Greynets can be evasive on the network, often circumventing the traditional security infrastructure that was designed for e-mail and standard Web traffic. The survey shows that the average cost companies incur in recovering from greynet-related incidents on company PCs has more than doubled over last year. IT managers reported spending an average of nearly $289,000 annually to repair or re-image company PCs after malware attacks over greynets. The cost reported in last year’s study was nearly $130,000 per year. On average, IT managers experience nearly 39 incidents per month that require some kind of repair or remediation to end-user PCs and each repair requires, on average, about nine hours of work. Employees don’t always see eye-to-eye with IT management regarding risky behavior on the network. For example, 80 percent of IT managers deem anonymizers – applications that disguise network traffic to permit anonymous use of the Internet – risky to corporate networks. In contrast, just more than half of users (57 percent) find them risky, for a 19 percent differential in risk assessment. The bottom line is that greynet usage makes IT nervous: 40 percent of IT managers report that public IM use at work poses “serious risk,” while another 46 percent indicate that IM poses “some risk,” for a total of 86 percent of managers who are wary of the public IM networks and their impact on the work environment. Employee Attitudes Regarding Greynet Use In FaceTime’s previous two annual surveys, employees candidly proclaimed their belief that they have the right to download the applications they need onto their work PCs, regardless of whether or not those applications are sanctioned by IT. This trend continues, with 36 percent of employees proclaiming this right in this year’s survey. In addition, 40 percent of employees said that they need more applications than are typically installed on their work PCs. This trend underscores the need for IT management to work more closely with employees both to understand changing workplace needs, as well as to educate the workforce on security and compliance issues facing the organization. In addition, this year’s survey reveals: - Eighty-five percent of employees report that they use their work PCs for “personal, non-work purposes,” and among these employees, 38 percent send personal IMs or engage in chat while at work. - The personal use of work computers is independent of company size. Across the board, approximately eight in 10 will surf, shop and chat over the company network, testimony to the continued blurring of personal and professional workspaces. - Fewer than half – 45 percent – of employees are at work locations where personal IM messaging is monitored by the organization. - The number of work locations with eight or more greynet applications in use has almost tripled in the last three years. Greynet Concerns in Unified Communications Deployments Concerns about the impact of greynets also extend to organizations that have or are actively planning the roll-out of unified communications (UC) applications – 44 percent of those surveyed. Larger companies, measured by employee size, are twice as likely to roll out UC compared to small companies. And, not surprisingly, security is the top concern for IT managers who are rolling out UC. Eighty-six percent of IT managers ranked security as their top concern, while only 65 percent indicated that return on investment (ROI) is a top concern. The survey revealed that 45 percent of IT managers are at work locations where enterprise IM or unified communications are deployed. However, even at these locations, 74 percent report that public IM networks are also used by employees. “Deploying enterprise IM or a unified communications platform can lead an organization to believe that it has given employees all the capabilities they need to collaborate effectively,” said Frank Cabri, vice president of marketing and product management for FaceTime. “However, the reality is that employees will continue to download new greynets at their own pace and will continue to use the consumer-oriented applications they are familiar with, both for work- and non-work-related communications.” Growing Compliance Concerns In addition to security concerns, regulatory and corporate governance requirements have prompted an unprecedented emphasis on compliance for IM and other real-time communications in use within enterprises. - Sixty-eight percent of IT managers are at work locations where there are specific guidelines and polices that govern the archiving and storage of IM, e-mail and chat communications. - Fifty-three percent of IT managers have received guidance from their corporate counsel concerning the archiving and storage of e-mails, IMs, chats and other employee communications. - Forty-five percent of organizations would be unable to produce an archive or record of a specific employee’s IM communications, if required to do so for legal purposes. - Thirty-two percent of the companies that have deployed enterprise IM also report they are incapable of producing logs of employee IM communications. The full report, “Greynets in the Enterprise: 3rd Annual Survey of Trends, Attitudes and Impacts,” is available from FaceTime at www.facetime.com/greynetsurvey2007. About FaceTime Communications FaceTime Communications enables the safe and productive use of instant messaging, Web usage and Unified Communications platforms. Ranked number one by IDC for four consecutive years, FaceTime's award-winning solutions are used by more than 900 customers – including nine of the ten largest U.S. banks – for security, management and compliance of real-time communications. FaceTime supports or has strategic partnerships with all leading public and enterprise IM network providers, including AOL, Google, Microsoft, Yahoo!, Skype, IBM, Reuters, and Jabber. FaceTime is headquartered in Belmont, California. For more information visit www.facetime.com or call 888-349-FACE. ######### FaceTime, FaceTime Communications, IMAuditor, RTGuardian, GEM, FaceTime Enterprise Edition, FaceTime Internet Security Edition, Unified Security Gateway, FaceTime Security Labs, IMPact Index, SpywareGuide.com and the FaceTime logo are registered trademarks and trademarks of FaceTime Communications, Inc. Other trademarks and registered trademarks are the property of their respective owners. FaceTime Media Contact: Sarah Carter firstname.lastname@example.org+44 (0) 7970 729068 Edelman UK Alex Smiddy Alex.email@example.com This press release was distributed by ResponseSource Press Release Wire on behalf of FaceTime Communications in the following categories: Computing & Telecoms, for more information visit http://pressreleasewire.responsesource.com/about.