Social Media Security Risk

Currently, I’m working with HR / Comms at a Fortune 500 company that is evaluating its position toward allowing open employee access to social media. We did a great deal of research and analysis, trying to balance the upside to employee engagement with the downside of employee productivity and security risks.

I think the security risk argument for closing access to these sites is growing in relevance (unlike the employee productivity one). I just came across a new study from an IT security firm called Sophos which identifies attacks on Facebook as a growing threat:

“[O]ver 72% of firms believe that employees’ behavior on social networking sites could endanger their business’s security. This has increased from 66% in the previous study. The number of businesses that were targets for spam, phishing and malware via social networking sites increased dramatically, with spam showing the sharpest rise from 33.4% in April to 57% in December. This highlights a surge in exploitation of such sites by spammers.”

The study suggests that the perception of the risk posed by social networks is increasing.  I think the most striking part of the report is the following:

“72 percent of the firms surveyed said they’re concerned that employee behavior on these sites puts their infrastructures and sensitive data at risk. Yet, 49 percent of these firms allow their staff unfettered access to Facebook, up 13 percent from a year ago.” (Sam Diez blog)

This aligns with what I’m hearing in the marketplace: Companies are increasingly viewing Facebook as the new email and opening access to it.  Of course, this approach differs by industry (for example, financial services organizations are stricter than professional services), but the genie is out of the bottle. Blocking access after granting it is much tougher than never granting it at all.

Where is this going? I think ultimately, just as we’ve learned to be a bit smarter about recognizing spam emails, we will become smarter about identifying when we’re being attacked on social media. The burden will be on employers to increase employee education about these threats, beyond restating plain old policies.

Link to the full report

via zdnet
