Protecting Your "Social" Security
Your organization's cloud (whether it is private, public, or hybrid) is safeguarded by intruders through the use of firewalls, VPNs, SSL encryptions, and other security measures. However, what does a company do if proprietary information is used or misconstrued - that is information that was voluntarily released onto the world-wide-web? I'm talking about social media, where the world is a conversation.
In this day and age when everyone and their grandmother (literally) are hopping on the social media bandwagon, privacy regarding personal data on these websites is becoming an increasing issue. With super-platforms such as YouTube, Facebook, and Twitter, everyone is buzzing - but forgetting that what they are talking about not only is broadcast globally, but if in the wrong hands, can be dangerous.
Recently, Facebook has come under fire due to an application vulnerability that would allow hackers to link users to malicious websites. A recent article from PC World noted that the flaw could make users private data public domain. Then again, how strict can privacy settings be for information that users are willingly posting to the web?
The solution - make sure your organization has a social media policy in effect. It doesn't have to be anything fancy (i.e. written by an attorney, notarized, and framed in the office). Rather just a few bullet points added to the employee manual or posted to the organization's wiki or work server.
Some common areas employees should be notified of are:- Tweeting about projects not yet publically announced.
- If the company hasn't officially announced it, don't talk about it.
- Complaining about a co-worker or boss in your Facebook status.
- Not only is it disrespectful (save it for when you are home and want to vent to a significant other), but it is bad PR for your organization if employees are updating their news feeds with slander.
Another safeguard employees can use is to check their privacy settings on their personal Facebook pages to make sure they aren't letting their personal information outside of their own networks.
Here is another great article from PC World that instructs users on how to scan their own Facebook profiles for vulnerabilities.
Employees are allowed to have social lives, they just have to make sure their personal and professional Tweets/Posts/Blogs are thought out before they are released into the cloud that is the internet.