Top German firms ban Facebook and Twitter

Most of the 30 blue-chip firms listed in Germany’s DAX stock market index are banning employee use of social networking sites such as Facebook and Twitter according to a report in the German business magazine Wirtschaftswoche, as reported in the UK’s Daily Mail newspaper today.

The Mail says that German companies such as Volkswagen, Porsche, Commerzbank and HeidelbergCement are introducing bans in the workplace or have already done so.

In the case of Porsche, news emerged two weeks ago on their blocking actions as reported by Hans Kullin in Sweden:

Porsche AG is blocking employees’ access to social networks such as Facebook and Xing, according to an article in Automotive News. The reason is to shield the sports-car maker from industrial espionage.

Industrial espionage is one of the security fears which appear to be the main driving force behind this group ‘off-switch’ activity:

[…] Computer experts have identifying [sic] social network sites as posing the main threat to company IT systems. ‘Before it was email that was the favorite gateway for damaging software – today it is social networks,’ said representative of anti-virus provider Kaspersky Christian Fuchs.

Other companies, such as car firm Daimler, cited concerns about employee productivity.

Luxury car maker Porsche recently restricted Facebook use over industrial espionage fears while energy group E.ON and industrial gas giant Linde have also curbed access to Facebook and video sharing site YouTube at some of their offices.

A study by IT security firm Clearswift indicated that 30 percent of German companies fear social networking sites will distract their employees from work if they have unlimited access.

However, a much larger group — 56 percent – cited security concerns as the primary reason to restrict such sites, Wirtschaftswoche said.

This is quite startling when a large group of household-name influential businesses take collaborative action like this, for the reasons stated. It’s almost like the action of a cabal or a cartel.

It seems to me this is more about perceived productivity issues and control of what employees do than it is about security.

My podcasting partner Shel Holtz runs campaign and awareness-raising activity at StopBlocking.org with persuasive arguments and links to pretty balanced views on why blocking employee workplace access to social media is, in the end, an exercise in futility.

In particular, Shel posted a highly-relevant article from a Gartner tech event in the summer that speaks directly to this latest blocking activity in Germany:

[…] research director Andrew Walls told attendees that although infosec pros may worry that social networking will lead to uncontrolled malware outbreaks, phishing, breaches of confidentiality and trade secrets, and even damage to the corporate reputation, trying to take control or even block its use is akin to monitoring employees’ home phone calls and rifling through their postal mail.

“All this message traffic is not in your infrastructure,” Walls said. “It all takes place out there in the cloud,” plus it can be accessed from anywhere, and users’ privacy settings can make monitoring nearly impossible. “At the root of it is staff productivity, and security isn’t responsible for monitoring and managing the productivity of the organization.”

Some believe social media represents a growing platform for malware distribution, but Walls countered that argument, noting that antimalware vendors he’s spoken with say social networks are being victimized by the same malware plaguing email and websites. “So if I’m going to block social media on the basis of malware distribution,” Walls asked hypothetically, “why not block email?”

via searchsecurity.techtarget.com

I hope some sounder thinking happens on this issue soon at those top 30 German c0mpanies.

(Logos image at top courtesy of Autoblog.)