Social media risk on the rise, warns KPMG

Too many staff in organisations across the UK are posting comments online about business activity, with their actions posing a major threat to client and company confidentiality, warns KPMG.

The problem is made worse by a lack of internal control and failure to recognise the increased risk of security breaches, according to the firm's head of cyber response, Martin Jordan.

In a speech to delegates at a Chartered Institute of Internal Auditors conference in London today, Jordan warned that companies adopting a laissez-faire approach to employee social media activity may be exposing themselves to unnecessarily high levels of risk. His comments come against a backdrop of research revealing that 1 in 4 C-suite executives admit sensitive information has been leaked to the public through sites such as Facebook, LinkedIn or Twitter.

With one in three of those working in organisations with blocked access also finding ways to circumvent security protocols on their work devices to meet social networking needs, and just 48% providing two hours or less of social media training per year, it appears that many organisations have not grasped the dangers that social media presents or taken sufficient steps to secure themselves.

Jordan, a partner within KPMG Risk Consulting, told delegates at the summit: “Too many organisations mistakenly believe that the likes of Twitter and LinkedIn are the only social media sites to worry about, but their popularity in the UK does not make them a unique threat. In an increasingly global world, with satellite offices and customers around the world, attention must be given to country-specific social networking sites such as those in China and parts of the Middle East. Even at a local level it is amazing how the simple tricks are the ones that are missed. How often, for example, are passwords changed? How many are too simple to be safe?

“No one is suggesting draconian measures are the answer to protect company reputations, but adopting an ‘ostrich approach’ will not make the problem disappear. At the very least business leaders need to find the balance between doing the right thing for their staff, their reputation and their clients and this often means imposing measures to clarify acceptable levels of communication online.”
