Investigations have found that 45 members of staff at the Department of Work and Pensions (DWP) have been disciplined for misusing the internet at work in the past two years.
A Freedom of Information request by Proofpoint also found that four members of staff at the Child Maintenance and Enforcement Commission were sacked after using the office internet for pornography, shopping and unauthorised downloading. Another employee was given a written warning, while two others received verbal warnings.
Gary Steele, CEO of Proofpoint, said: “The Child Maintenance and Enforcement Commission deals with extremely sensitive issues and data about family issues and it is worrying that staff have been able to access unauthorised sites.
“Apart from the fact they should be doing their work and not logging onto completely inappropriate sites, these employees are risking the integrity of their office computer network.
“Online fraudsters and crooks are becoming increasingly sophisticated in targeting large organisations and just one click by an employee on a rogue email web-link could wreak havoc and lead to extensive data loss.”
The commission, which took over the collection of child maintenance from the Child Support Agency in November 2008, operates a blacklist of websites that staff should not access and says it puts filters on its computers to restrict access to them.
Another Freedom of Information request by F-Secure revealed that 45 members of staff at the DWP have been disciplined for ‘misusing the internet at work'.
When asked how many employees had been disciplined for online betting, pornography, unauthorised downloading, shopping and gaming, it declined to answer on specifics of what the offenders had done, citing the cost of retrieving the information. However, it admitted two staff had been sacked and 12 had received final written warnings. Police were called in on five occasions, although found no cases of criminality in four of them.
Sean Sullivan, security advisor at F-Secure, said: “The DWP deals with sensitive information about benefit claimants and it would be extremely embarrassing and damaging if this data fell into the wrong hands or its networks were compromised.
“It is a cause for concern when just one member of staff misuses the internet at work, especially if they are being paid by the public. However, the fact that 45 have been disciplined since 2008 is very worrying."
The DWP said that it has filters to block access to unauthorised sites both in its offices and when staff work remotely, while employees who use its computer systems are also reminded every day of the rules relating to the use of the IT equipment. Staff are also required to confirm that they have read the department's acceptable use policy and that they understand the related guidance and rules.