Cisco Blogs

Know the Security Implications of Social Media

November 10, 2010 - 0 Comments

Sites like Facebook and Twitter are a great way to promote your small business, but they also present some risks

There aren’t many Hollywood Movies that I get excited about, but I’ll admit that “The Social Network“, the movie about how Facebook got started, is one I’m looking forward to seeing. Facebook has enabled me to find long-lost friends and to keep in touch with relatives who are scattered around the country. But the use of Facebook also has its dark side.

Boasting more than 500 million active users worldwide, the social networking site is now being targeted by cybercriminals. Last month, Computerworld reported that spammers had exploited two Facebook bugs in a week. The bugs would allow spammers to flood the service with messages promoting scams, such as links to a website where they could “win” an iPhone by filling in their personal information. And just recently, the Wall Street Journal found that many of the most popular applications on Facebook have been sending identifying information to dozens of advertising and Internet tracking companies.

Small business security is a critical business function.  As an owner, this means being aware of the security threats caused by the use of social media sites. Spammers could lure your employees into divulging private information about themselves, your company, or your customers. Employees’ could unknowingly install Facebook applications that are really malware that could invade your network. And employees’ use of these sites could also reduce their productivity.

This year, Cisco surveyed its customers’ employee use of social media at work. The Cisco 2010 Midyear Security Report found that 7 percent of Facebook users spend an average 68 minutes a day playing the popular Facebook-hosted interactive game FarmVille. An additional 5 percent of employees spent just less than an hour a day (52 minutes) playing Mafia Wars, another Facebook application game.

Improving social media security

You’re aware of the power of social media, particularly to small businesses. Perhaps you maintain a blog yourself or have a presence on Facebook and Twitter to promote your business. But what can you do to protect your company and your employees from the threats of these tools?

Here are three steps you can take to improve your social media security:

  1. Make sure applications are up–to-date: Regularly check for and install any new updates or patches to the programs running on your employees’ computers, laptops, and smartphones—any device they use to access company data. Ensuring that Web protection applications are up–to-date, especially anti-virus and anti-spam software, will protect your company, employee, and customer data against cybercriminals.
  2. Secure your network from the ground up: Adding layers of security to your network will help protect your company from within as well as from the outside. Routers, security appliances, and intrusion prevention systems (IPSes) work to defend your entire network and protect critical business data from malicious threats and intruders.

Establish acceptable use policies: Create a guideline for what is and is not acceptable employee behavior on social media sites. Then, make sure to educate employees about those policies. For example, Cisco has made its Internet postings policy widely available by publishing it on the company’s blog, The Platform.

Here’s a key take-away from the Cisco security report that’s an easy first step for any small business to institute: Cultivate a workplace environment that encourages your employees to talk to you about social media usage. If not, employees could make bad decisions that impact your company’s security.

Has your business’s security been compromised due to employees’ use of social media? If so, what policies have you put in place to secure your business information?

In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.