How Can Social Media Use Potentially Compromise Your Business?
How can social media use potentially compromise your business?
Uneven data policies and defenses
One concern comes from the data policies followed by social media companies, and the cyber defenses they’ve adopted to safeguard your information. To what extent can they guarantee privacy or confidentiality? How can they legally use your data, and how susceptible are they to a data breach? Furthermore, as discussed in a recent article from CIO Dive, companies can change their data policies or rules under a variety of circumstances, including mergers. Protections around your information might weaken.
Employee oversharing
Employees may carelessly share sensitive data on social media accounts, including Facebook, Twitter, and LinkedIn. The information they publicize may include details about ideas still under development and ongoing deals that haven’t yet been made public.
Your employees may also overestimate how much privacy they enjoy on social media accounts. They may wind up sharing various confidential details through what they assume are private messaging systems on these sites.
Research material for cyber criminals
Cyber criminals frequently rely on phishing and other types of impersonation to trick employees into disclosing sensitive data, ranging from Social Security numbers to salary information to customers’ addresses or emails.
Impersonation can get carried out with a sophisticated and targeted approach. Instead of a relatively generic phishing email that can be deployed against numerous organizations, cyber criminals may focus on tricking you or some of your employees in particular.
For example, they may send an email that sounds as if it’s coming from a colleague. This email may request certain sensitive documents, or it may contain a corrupted file attachment or link that infects your system with malware. To make the email sound more authentic, cyber criminals can use public sources, including social media, to research the individual they’re impersonating. They can find out all kinds of details about your business in general and about particular employees’ preferences, traits, habits, writing styles, and schedule.
A similar kind of impersonation can occur over the phone. For example, if you report on social media that your company’s network is experiencing some downtime, perhaps you’ll receive a phone call from someone who claims to be a computer specialist.
Addressing the dangers of impersonation and social media use
Your business’s IT Policies should include rules and guidelines about social media use, including the following:
- The kinds of information employees are forbidden to share about your business on social media platforms, even in what they consider ‘private messages’ on their accounts.
- Stronger password habits (e.g. not using the same password for multiple accounts) and user authentication (e.g. the use of two-factor authentication).
- Mindfulness about the kind of information you and your employees disclose and the risks involved, both to themselves and to your business.
Furthermore, your policies should spell out and enforce the use of stronger verification practices to lower the chances of a successful phishing attack or other impersonations.
For example, if an employee receives an email requesting a sensitive financial document, maybe they’ll be required to first run the request by two additional employees before transmitting the information. Similarly, instead of providing details over the phone to someone who sounds like a computer support specialist, they’ll need to obtain additional verification. Certain kinds of information, like passwords, shouldn’t get sent via email or shared by phone at all.
To receive assistance and additional advice, please contact us. Strengthening cyber security at your company involves accounting for the risks of social media platforms and the possibility that they can compromise your privacy and security.