Business and IT professionals in China and Hong Kong expect their employees to do more holiday online shopping during working hours this year, according to the "2011 ISACA Shopping on the Job Survey: Online Holiday Shopping and BYOD Security".
The number of IT professionals is more than the professionals in Asia and in the States and this increase is attributed to the freedom given to employees for accessing daily deal and social networking sites.
The global survey, conducted among more than 4,700 business and IT professionals who are members of IT association ISACA, shows that employees in the region also have freedom for shopping online with a work-supplied device.
"The survey shows that companies in Hong Kong and China tend to have more flexibility regarding the use of work-supplied devices for personal purposes, such as online shopping and social networking, compared to other parts of Asia and the United States," said Michael Yung, president of the ISACA China Hong Kong Chapter.
"It is positive that organisations here are taking an 'embrace and educate' perspective, which allows them to get the benefits of using the technology available, while equipping employees with the training and awareness needed to minimise security incidents."
ISACA is a global provider of knowledge, certifications, community, advocacy, and education on information systems (IS) assurance and security, enterprise governance and management of IT, and IT-related risk and compliance.
The findings of its global survey show that four in 10 IT professionals expect that employees will spend an average of more than 12 hours shopping online during work hours.
More than half of those surveyed in China and Hong Kong said employees at their enterprises will spend six hours or more using a personal computer or smartphone during the holiday season.
Thirty-four percent of respondents in China and Hong Kong said their enterprises allow employees to shop online, and about 26 percent of those surveyed allow it with some restrictions.
"To make sure that access to social networking sites (SNS) and daily deal sites, as well as online shopping, are done safely with work-supplied devices, employees should be very careful with the company information on their devices, password-protect the devices, and ensure that the security tools and processes protecting the work-supplied devices are kept up-to-date," said Yung.
"From the IT department side, promoting awareness of the security policy is always key for effective risk management. It is also important to use secure browsing technology, encrypt data on devices, and take advantage of some of the industry best practices and governance frameworks like the Business Model for Information Security (BMIS)."
Sign up for CIO Asia eNewsletters.