Only 12% of IT managers in the UK believe that the 100 most popular Web 2.0 sites hold the most security threats, whereas according to research from Websense Security Labs, 70% of the 100 most popular sites have hosted or directed users to malicious code, phishing or fraud.

Over a third of the surveyed by Websense said employees have tried to bypass information security policies to access Web 2.0 websites. Although 82% said they had confidence in the organisation’s Web 2.0 security, only 43% reporting they have the tools in place to prevent confidential company data from being uploaded on the web.

Perhaps most shocking, nine percent of IT managers are not sure about their own IT security policies, Websense said.

This is worrying as 57% of the interviewed IT managers believe that Web 2.0 is necessary to their business, and 70% allow access to web-based email services. Three quarters said they feel pressured to allow more access to Web 2.0 sites.

Mark Murtagh, technical director at Websense, said: “As more employees access Web 2.0 tools and applications to enhance their productivity at work, IT departments are currently facing a dilemma. They don’t want to restrict access to these tools yet they are finding it difficult to establish the appropriate Web 2.0 usage policies and offer guidance to their staff.

“To that end, Websense has introduced best practice guidelines to help IT professionals safely harness the power of Web 2.0 within their organisations.”

Websense has made use of Web 2.0 itself, Infosecurity notes, in order to raise awareness by creating a Web2.0@Work – Powered by Websense page on Facebook.