Most users have at least some sense of the risks posed by social media. Businesses face many of those same risks, as well as other threats that can increase the odds of a successful security breach.
Thieves often use Facebook posts to find houses to burglarize while families are on vacation. Similarly, hackers mine LinkedIn for clues on how best to target a phishing or social engineering attack. If you have a company page, anybody can click to see all of your employees. This gives hackers a sense of your company hierarchy, so that they can pose as the boss or a colleague and trick someone on your staff into clicking a malicious link, opening a malicious attachment or sharing confidential information.
IT-related job postings are another goldmine of information, giving hackers an inside view of the hardware, applications, operating systems, databases and programming languages in use in your operations. The profiles of those connected to your organization provide similar clues about your technology, and may also alert hackers to potential backdoors into your operations through a business partner or supplier.
Your employees may inadvertently put your business at risk by posting sensitive, work-related information online, or by posting photographs or comments that damage your brand. Accessing social media accounts at work also heightens the risk of malware.
Many organizations are astonishingly lax about the security of their social media accounts. Accounts are often “owned” by an individual user, and the company struggles to regain access to the accounts if that person leaves the company. Worse, if that user becomes disgruntled, he or she could hijack the accounts, locking out other administrators and posting brand-damaging information. Or, the user’s credentials could be compromised, allowing hackers to take control of the accounts.
Obviously, you can’t eliminate your LinkedIn company page, online job postings or other social media activity. It’s important to be aware of these risks and take steps to reduce them. That’s why your business should have an effective social media policy. The policy should cover everything from account security to malware to the use of social media at work. It should also provide employees with incentives for sharing company-approved content, and tips for properly engaging with customers online.
Employee education goes hand-in-hand with your social media policy. Go over the policy and give your employees an opportunity to ask questions. This helps ensure that they understand what’s expected of them, and may reveal gaps in your policy that you hadn’t considered. Show your staff how to spot malicious links and attachments and
phishing attacks. Share tips about maximizing the value of social media, and how to respond in the event of a business crisis or public relations disaster.
Limit access to your company social media accounts to those who really need it, and make sure there are checks and balances to prevent account hijacking. Check the privacy settings of your social media accounts to ensure that they align with your business policies.
For many businesses, social media is a vital component of their brand strategy. As such, organizations should treat social media accounts as valuable assets to be protected and carefully controlled.
ABOUT THE AUTHOR
Lisa Detwiler, President joined SSD Technology Partners in 2006 as Chief Marketing Officer, and in 2014 she and her two partners Woodie Bowe and Nick Ewen purchased the company. Detwiler holds an MBA in Marketing and Strategy from Carnegie Mellon University. Lisa successfully led SSD through a difficult economy in 2012, recording the company’s greatest growth record in 31 years.
Lisa believes that our foundation for success does not come from fancy business buzzwords or the latest management fads. Success comes from behaviors and commitments to basic guidelines of how we operate as individuals and as a company; do what’s best for the client, practice blameless problem solving, seek to create win/win solutions, check the ego at the door, and communicate to be understood.
Lisa serves the community as a Board Chair of both the American Red Cross and the Delaware Better Business Bureau and has been a member of Wilmington Rotary Club for 10 years.