Top 5 Threats To Corporate Social Media Security

5 Threats To Corporate Social Media SecurityIf the consequences of social media are keeping you up at night, this article is for you.  It’s understood that not participating in social media means being left out of the conversation but what exactly are you opening yourself up to when you do?

The first menace that social media provides is malware attacks.  When creating a cloud-based program, the time-to-market is lightning fast.  This means social media provides an optimal breeding ground for malware due to vast exposure potential and easy deployment.  The second menace is the ugliness of negative PR.  Social media shortsightedness can cause irreparable damage to both brand and career in less time than it takes to type out  “oh cr*p!” on a Blackberry keyboard.

Here is a takeaway list of threat sources to help you minimize the risk in social media:

  1. People. Participants are by far the most dangerous wildcard in corporate social media efforts.  Make sure that everyone involved has a set of guidelines to follow to help them make the right judgment calls.  If you don’t have a social media policy in place, you need one ASAP.  For help creating a social media policy, click here for a free template to quickly and easily avoid backlash and pitfalls of your employee’s commentaries.
  2. Mobile.  Deloitte listed these devices as the top security threat for 2012 in a recent study.  The data they contain places security in peril as increased access to information also increases threat.  The Australian government has great tips on how to secure mobile devices.
  3. Passwords.  There are some great password strategies to put into place to ensure every social media authentication is unique and strong.  Since passwords are the #1 IT support request, the more complex the password requirements, the more time IT may be spending supporting the forgetful.  Keep this in mind when contemplating password enforcement rules.
  4. Social Engineering.  In short, this means tricking people and best way to overcome this is to educate users on security guidelines.  This includes the new common sense stuff like not clicking on attachments that were not expected and avoiding links that do not point to reputable sources.  Special mention should be made about URL shorteners.  This service takes a long URL and transforms it to something like http://bitly.com/E3WZ5P. It makes it useful to squeeze in a long website name into a 140 character Twitter update, but it also masks the target URL and gives malware a prime opportunity to direct users into a trap.  Your best line of defense at this point is a security software strategy.
  5. Software.  To fight malware at it’s own game, it is imperative that all workstations and mobile devices have all the latest security patches.  A combination an up-to-date anti-virus (to protect from known threats) and application whitelisting (to protect from unknown threats) is the current approach used to stop malware in its tracks. As for mobile applications themselves, some platforms are more secure than others.  Google did some housekeeping in March 2011 and removed 60 applications from its app store that were found to have contained malware.  Apple tends to keep a tighter control over their application marketplace and has seen less instances of abuse.

So rest well at night with a plan to minimize social media risk.  Keep malware and negative PR at bay and feel free join in the conversation!

 

Scott Cornell

When he’s not knee deep in blogging and all things tech, Scott spends his free time playing ultimate Frisbee and watching foreign films. An expert in emerging tech trends, Scott always has his ear to ground for breaking news related to IT security.