Many executives are concerned about social media related risks (e.g., data security and ID theft), but far fewer actually have any social media training.
A recent survey of executives puts the concerns into four categories: disclosure of confidential information; damaged brand reputation; ID theft; and legal and compliance violations.
Another feature that the survey unveiled was that 71 percent of the participants believed that their company was worried about potential risks, but they also thought these risks could be avoided or resolved.
Over half the respondents said that their company lacked any social media risk assessment strategy.
Here’s another striking finding: 33 percent of businesses had a social media policy; 27 percent of participants reported no such policy; and the remaining 40 percent consisted of an even split: those who said their company was planning on creating such a policy, and those who said their organization had some other related policy.
While social media can bring benefits to businesses, namely in the realm of marketing exposure, they can also bring in lots of trouble as far as security issues.
How can companies find the right balance in between the two extremes of either banning social media altogether and allowing free reign of social media? Below are some solutions.
#1. Ban the ban. First of all, don’t outright ban access to social media. Otherwise, this can lead to other security issues. Furthermore, an employee who really wants to gain access to social media will dodge security, making the organization more susceptible.
#2. Execute policies. Do implement some kind of structure that regulates employee activity regarding social media. Employees need guidelines for proper use, which would also include what not to do.
#3. Social networks should be limited. There are hundreds of social networks—many uses are served, ranging from movies to music. But there are other uses that are not so innocent and less secure. Learn about these and make sure employees know not to go near them.
#4. No default settings. Default settings typically leave networks very vulnerable to attack. Settings should be locked down; most social networks do provide privacy settings and these must be managed at the highest level.
#5. URL lengthening service. Employees should never click on a shortened URL without first decoding it to see where it leads to. Shortened URLs can be pasted into an URL lengthening service.
#6. Train IT personnel. Don’t effectuate policies from the bottom up, but rather, from the top on down. Those in charge of managing technology need to be fully geared up with the risks of social media.
#7. Keep security updated. A business network always needs to be up to date with its security.
Robert Siciliano is an Identity Theft Expert to AllClearID. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him knock’em dead in this identity theft prevention video. Disclosures.
Follow Robert Siciliano on Twitter: www.twitter.com/RobertSiciliano