Results highlights:

• 64 percent of U.S. companies deny their employees access to social networking sites such as Facebook, MySpace and Bebo
• 54 percent of HR decision makers have encountered or have had to discipline employees for time-wasting on the Internet
• 14 percent have had to discipline staff for data loss and 7 percent for posting inappropriate content on social sites but only 36 percent have a policy covering such usage
• 23 percent of HR decision makers are unfamiliar with Web 2.0 technologies such as YouTube, Facebook, and Wikipedia

Nearly 54 percent of HR professionals have had to discipline employees for wasting time on the Internet; this according to a new research from content security specialist Clearswift. In addition to wasting time, HR professionals are facing similar problems with staff accessing inappropriate content in the workplace as more than 46 percent have encountered or had to discipline employees for accessing pornographic sites at work. Another 14 percent of HR professionals have had to discipline employees for confidential data leakage, and 7 percent for posting inappropriate content on social media sites, blogs and wikis.

The survey also asked HR professionals what Web 2.0 sites their companies allow their employees to access. Sixty-four percent continue to block access to social networking sites such as Facebook and MySpace, 63 percent block access to wikis and blogs, and nearly 70 percent prevent their employees from accessing video or photo sharing sites such as YouTube and Flickr.

“The Internet, especially Web 2.0 sites and services, has created a difficult, and often unfamiliar battlefield for human resources professionals,” said Stephen Millard, VP Strategy at Clearswift. “While 87 percent of the people we surveyed reported that their organizations have a written Internet use policy, only 61 percent of their companies actually have a technology solution in place to enforce the policy – 20 percent of the respondents didn’t know if they have a solution in place. The rapid development of communications technologies – and the potential for both business benefit and employee misuse – poses a significant challenge for HR professionals. Despite their key role in employee disciplinary matters and policy development, our research found that 37 percent of those surveyed felt that monitoring employee use of the Internet and email was not their responsibility, and a further 34 percent thought it of little importance.”

The Clearswift survey polled nearly 700 HR decision makers in the United States and found that despite the rise in popularity of social networking sites, a significant number of HR professionals have yet to fully understand them. Of those Clearswift surveyed, nearly one in four professionals doesn’t understand Web 2.0 sites or has never heard of them. Only one-third (34 percent) of respondents actively use Web 2.0 technologies and 42 percent are familiar with the sites, but do not use them. Only 35 percent said their companies’ Internet usage policies covered the use of Web 2.0 sites and technologies while another 25 percent did not know.

Clearswift’s research found that HR professionals have their hands full; the majority spending most or all of their time organizing, managing training and development (66 percent); and recruiting and retaining staff (66 percent). When it comes to technology issues related to policy enforcement and monitoring, however, HR professionals are deferring to the IT department. In fact, 55 percent of those surveyed leave monitoring to the IT department.

“The question that is sparked by these results is, ‘Should IT managers be developing policies and enforcing them, making decisions on what they see as a breach of employee Internet usage policy?’suggested Millard. “In cases where a breach is less obvious, can IT even recognize what HR would see as a violation? The survey results make it clear that the HR and IT need to be working closely to develop and enforce Internet usage policies, and IT needs to educate the HR and the business as to the benefits and risks of new technologies. In 60 percent of the companies, both IT and HR develop the usage policies, yet only 19 percent of HR departments are involved in monitoring employee usage.”

In the event of a violation of the acceptable use policy, 47 percent of those surveyed rely on their IT department to notify them if they believe a breach has occurred. Only 3 percent reported that their HR department monitors employee Internet use and determines if a breach has occurred. In 15 percent of the cases, the HR department is automatically notified by the IT system of a possible breach. Another 23 percent reported that employee Internet usage is not monitored, but HR will investigate if notified of a possible breach by an employee or manager.

Millard added, “Companies need to provide more training and support to HR departments to empower them to effectively manage Internet use and the new Web 2.0 technologies and to understand the impact they can have on the business. We are urging businesses and HR departments to take a sensible approach to the risks posed by social networking sites like Facebook and MySpace. In today’s competitive environment, businesses cannot simply lock down access to Web 2.0 services; rather, they must embrace them and harness sophisticated content security solutions to protect themselves while allowing the business to enjoy the benefits these new technologies can provide.”

About the research

All the above figures, unless otherwise stated, are from Clearswift. Total sample size was 698 U.S. HR decision makers. Fieldwork was undertaken between October 1 – 26, 2007. The survey was carried out online.

About Clearswift

Clearswift simplifies content security.

Our products help organizations enforce best-practice email and web use, ensuring all inbound, outbound and internal traffic complies with stated policy and external regulations.

Our content filtering solutions make it easy to deploy, manage and maintain data leakage protection for email and web traffic, enabling compliance with regulations such as GLBA and HIPAA and industry standards such as PCI. Our inbound protection capability stops up to 100 percent of spam, spyware and malware.

Integrated solutions for Exchange and Domino traffic ensures that common policies can be applied on all email and web traffic, into, out of and within your organization.

More than 20 years of experience across 17,000 organizations, including highly sensitive military network security, has helped us raise content security standards while simplifying security management.