Social media has, for better or worse, become a large part of modern life but should it be a part of our working lives?
Obviously you don’t want your employees using social media when they’re supposed to be working but could it also be a security threat? Common social media based scams are aimed at generating ad revenue or clicks and likes with a view to later using that page or post to send out links to malware or other potentially dodgy websites.
“Social media is a very real threat, whilst a large amount of that threat is just like farming or forced advertising every business should treat it as a serious attack vector,” explains Mark James, ESET IT Security Specialist.
“It may be used to befriend you with a view to end malware through email or even direct as the end result, it’s not a quick procedure but if the reward is sweet enough then the time is justified.”
This kind of process could be used to target very specific staff, such as CEO’s or other senior management figures.
“Policies and boundaries…”
Mark explains that the key is an effective set of policies and boundaries with a healthy dose of staff education on what to watch out for.
“For security to be effective policies and boundaries need to be established on what is or is not acceptable to use or post on social media sites during working hours on hardware owned by the company.
“Employers need to have a clear procedure for data monitoring and intrusion detection, also staff need to be educated on the types of attacks that are currently or have recently made the rounds. “Make sure internet security software is installed and updating regularly and any passwords are changed often for social network sites.
“If possible use 2 factor authentication for added security and limit the personnel that are allowed access to corporate social networking applications. “It’s also very important to make sure that each piece of software used for social networking is configured with the optimal security settings.”