Social media has come as a great boon to the business world as much as to and possibly even more so than for private individuals. Companies use social media to promote their brand and company image, to connect with their customers in more personal ways and to facilitate communications among their employees.
However, along with this good come a fair number of significant security risks. Imagine a government agency whose large databases of private information on its citizens or a financial institution or online merchant with credit card information, social security and state issued id numbers, in the same attractive light as a malicious hacker or hacking network would.
Now add to that, the increasing difficulty that firms in a labour shortage experience with finding highly qualified staff, who have been properly vetted at the level necessary to ensure that the business’ confidential information is safeguarded. While it’s not too difficult to see where things can go seriously awry in this scenario, it’s also critical to understand that an internal compromising agent may also be giving unintentional and subtle hints to malicious actors through their online social postings.
Employees who complain about their supervisors or company policies, their wages, their dissatisfaction with the work environment and even their inability to pay their debts, could by signalling to those with antisocial motivations that these employees are vulnerable enough to be a point of security compromise for the company.
Sometimes employees don’t even need to be contacted by outsiders to disclose sensitive company information. Without malicious intentions, an excited employee may share details of an impending business deal with a large account or post a reminder for another employee on their company’s security policy for generating passwords.
There are times however, when employees are disciplined for workplace misconduct or believe that they have been unfairly passed up for a promotion and find themselves motivated to “get back” at the firm that treated them with impunity. Monitoring social media can be an invaluable proactive means of pre-empting a security disaster. It can alert companies to employee dissatisfaction before it reaches a critical and damaging threshold.
Knowing a little about employees can help with spotting other activities that may signal an imminent problem, such as increases in anti social behaviours, substance abuse and a bullying and harassing personality. It can’t be overstated that humans are the weakest link in the security chain, but they are also the strongest point of offense in preventing a major business catastrophe.
Having policies about acceptable social media use by the business’ employees along with training and security monitoring for breaches will go a long way towards ensuring that secure company information is not compromised. Employees downloading of social media attachments on company computers should be discouraged.
It also follows, that there should be extremely tight security controls and policies around what staff can upload to their private accounts. In the world of company security, forewarned is forearmed. These days, many security policies are implementing some form of multi-factor authentication.
Instead of having a password as the sole means providing access to the corporate network, requiring that an authentication code sent to the employees’ private devices be entered as well adds an additional layer of protection to the login process. Lastly, emergency procedures to protect from further security breaches during a compromise are absolutely critical.
They will limit the scope of the hacker attacks as early as possible, rather than have the company sit by while all of their sensitive data is compromised by unauthorized and malicious sources.
About Fama.io Fama offers cloud-based security solutions and consulting services providing businesses with proactive insight. The firm provides companies with an inside view into the online habits of their employees, delivering a social media background check.