Many companies restrict internal access. Others prevent employees from discussing or mentioning the company in social media during private time.
All of a sudden we've gone from print media to radio, television, Internet and now social media. This isn't a fad or craze that will go away like Beanie Babies or talking Elmo. Social media is the 5th media that encompasses all forms of media and it can all be accessed on a mobile phone. The interconnectedness is in everything; it deserves the marketing department's attention and freaks out IT.
Part of the issue is social media's allure. We've been hearing more and more about internet addictions. Well, social media is part of that. Then there's the disconnect between generations. Baby-boomers see the 9-5 day as work, work, work -- and there shouldn't be any distractions, i.e. fun. Younger generations are connected and don't know how not to be.
Companies who eliminate access to social media open themselves up to other security issues. Employees who are bent on getting access often skirt security and make the network vulnerable.
Part of the problem is that people's comfort level with Facebook, Twitter and MySpace makes them easy marks for cybercriminals, who are jumping on social networking sites with gusto, dumping spam, launching phishing attacks, stealing identities and installing malware. The same people who have learned to be very wary of phishing attacks, enticing links and sales pitches for cheap Viagra in their inboxes allow themselves to be seduced on Facebook and Twitter.
There is a serious disconnect between secure online behaviors and the playfulness of social media. Facebook is the adult version of Chuck E. Cheese, and who doesn't lose their mind at Chucks? The problem is Timmy is five and likes to eat at Chuck E. Cheese. George is thirty-five and likes to eat there, too. But George is a freak.
Bad guys are in social media and you CANNOT let your guard down.
Implement policies. Social media is a great platform for connecting with existing and potential clients. However, without some type of policy in place that regulates employee access and guidelines for appropriate behavior, social media may eventually be completely banned from every corporate network. Teach effective use by providing training on proper use and especially on what not do too.
Encourage URL decoding. Before clicking on shortened URLs, find out where they lead by pasting them into a URL lengthening service like TinyURL Decoder or Untiny.
Limit social networks. In my own research, I've found 300-400 operable social networks serving numerous uses from music to movies, from friending to fornicating. Some are more or less appropriate and others even less secure. Knowem has a mind blowing list of 4600 as of this writing.
Train IT personnel. Effective policies begin from the top down. Those responsible for managing technology need to be fully up to speed.
Maintain updated security. Whether hardware or software, anti-virus or critical security patches, make sure you are up to date.
Lock down settings. Most social networks have privacy settings that need to be administered to the highest level. Default settings generally leave the networks wide open for attack.
Register company name and all your officers at every social media site. You can do this manually or by using a very cost effective service called Knowem.com.
Invest in Intelius identity theft protection and prevention. Not all forms of identity theft can be prevented, but identity theft protection services can dramatically reduce your risk. See Disclosures.
Robert Siciliano, Identity Theft Speaker, discussing Social Media on Fox Boston: