Social Media Sites: Employers Should Block Them

To prevent hackers from stealing private information, companies should make sure workers don’t access social media websites on office computers. Pro or con?

Pro: Don’t Let Hackers in the Front Door

The adage “keep your friends close and your enemies even closer” may sound good on paper, but when it comes to business, it’s a devastating practice. Even so, many businesses are doing just that—letting cybercriminals infiltrate their organizations—simply by allowing their employees to access social networks at work.

The best way for businesses to protect themselves from hackers is to make sure they don’t become targets in the first place. To that end, many businesses will spend big money on securing every aspect of their website, customer databases, and payment information. All of that work can be undone in an instant by allowing social media in the workplace.

The reason is simple: Hackers will go after the biggest payoff using the least amount of work. With research showing increased social network usage in the office, there’s a lot of opportunity for hackers to make a hefty payday.

No matter how much money is poured into IT security infrastructure, businesses that allow social media are targeted because every employee is viewed as a new avenue for hackers to exploit. Everyone from CEO to secretary is susceptible to hackers via social networks because they all come with different levels of security experience. It only takes one person to fall for a phishing attack to cause companywide cybersecurity exposure. For example, if a worker browsing Facebook at work unknowingly clicks on a malicious link or photo in his or her news feed, he or she is opening up the company-owned computer to attack. Once infected, the computer will operate as a bot designed to steal passwords and log keystrokes, and act as a proxy server to conceal the attacker’s identity.

The dangers outweigh the benefits when it comes to social media in the workplace, at least for now. The cost of even a single cybersecurity incident is extremely high, whether it’s in loss of financial data or loss of faith from your customers. Until social networks evolve to address the specific security needs of businesses, their usage should be restricted in the workplace.

Frank Fanzilli serves as a technology adviser and sits on the board of directors for Calypso Technology, CommVault, GFI Group, and Asset Control. During his previous career with Credit Suisse First Boston (CSFB) and Credit Suisse, he worked in IT strategy, operations, and organization as the first global chief information officer of that enterprise.

Con: Stay Social but Protected

Social media are here to stay. Innovative companies understand this reality and are using social media to improve employee collaboration, strengthen customer service, and expand their businesses.

While Facebook, Twitter, and LinkedIn have created a lot of opportunity for businesses, they have also become significant entry points for security threats. Check Point research has shown more than 80 percent of organizations believe Web 2.0 applications significantly lowered the security posture of their business, citing viruses, malware, and data loss as critical concerns. However, banning social media from their networks seems like a “flat earth” policy and, with today’s security gear, unnecessary.

So how should organizations proceed? While there are a lot of security solutions that offer application control, employee education is a critical component that businesses must integrate in order to benefit from Web 2.0, without compromising security. People are a critical part of the security process as they can be misled by cybercriminals and make mistakes that lead to viruses or unintentional data loss. Many organizations do not pay enough attention to the education of users when, in fact, employees should be the first line of defense. Employers should empower workers to prevent security incidents in real time. Some of today’s technologies integrate user awareness capabilities, helping businesses alert employees about corporate policies and putting them at the heart of the security process.

The bottom line is that social media are part of an evolution in the way people communicate and collaborate in modern-day business environments. As security issues with Web 2.0, mobile devices, and other emerging trends contribute to the growing list of IT priorities, organizations should implement a combination of technology and employee awareness in order to align security with business needs.

Jorge Steinfeld is the vice-president of information systems at Check Point Software Technologies and has 32 years of information systems experience.

Opinions and conclusions expressed in the Debate Room do not necessarily reflect the views of Bloomberg Businessweek, Businessweek.com, or Bloomberg LP.

Reader Comments

seo tips for images

Excuse my stupidity but I cant seem to find your sites rss feeds Mind directing me to it Thanks

jmj

Elka

Aren't employees paid to WORK rather than waste time on their social life? It's bad enough to see them flipping open their cellular phones to check their text messages. How much productivity is lost? Seriously.

Nadia

Security issues are not the result of increased use of social networks - I don't believe blocking (or allowing) the use of personal social networks - I believe that employees should connect directly with users for to learn how their products are working in the market (and how they could work), something that social networking makes easy...

But, they should have separate accounts for business and personal. Don't block social networks - but foster the use of integrating those services with the business image and then create clear rules and guidelines for your employees on how to use/manage them.

It's an opportunity to further your brand and protect it.
If a company is willing to put in more effort up front.

Boris

Not all social media sites are listed here. Notwithstanding "Book of Faces Library" and other two do not represent trash. Be honest in this publication and say for what ordinary employees spend company time in visiting "social" and commonly hot sites, chats and e-mailing. What a stupidity to use a "company e-mail provider", instead your really personal to get boy(girl)-friend to lunch?

Justin

If you think that you're going to be able to block social media and maintain a competitive recruitment strategy of the younger generation, you've lost your mind. Even the DoD is making strides to make social media more accessible.

sazid hossain

what if an employee leaks information through other way. I mean, there are lots of ways in internet. Yes, one of the way is social networking sites. Stopping one might not be a effective one to do so. Employees are suppose to be united and work together in a business for the business for their own benifits. Its just shame! Security is must no doubt about it. From the site of employer, maintaining/controlling confidential data might be another issue.

Strict rules of using cellphone in office might demotivate employees. It does not mean that they are allowed to use it leaving works. Agreeing with what Nadia said.

No words for employees under McGregor Theory X !

Join the Debate

 

Participate More!

Please send us your ideas for new Debate Room topics. If you're an academic, association officer, or other industry expert and would like to write a Debate Room essay, send us a query. Questions? See the

BW Mall - Sponsored Links

Buy a link now!