Social Media Sites: Employers Should Block Them
To prevent hackers from stealing private information, companies should make sure workers don’t access social media websites on office computers. Pro or con?
Pro: Don’t Let Hackers in the Front Door
The adage “keep your friends close and your enemies even closer” may sound good on paper, but when it comes to business, it’s a devastating practice. Even so, many businesses are doing just that—letting cybercriminals infiltrate their organizations—simply by allowing their employees to access social networks at work.
The best way for businesses to protect themselves from hackers is to make sure they don’t become targets in the first place. To that end, many businesses will spend big money on securing every aspect of their website, customer databases, and payment information. All of that work can be undone in an instant by allowing social media in the workplace.
The reason is simple: Hackers will go after the biggest payoff using the least amount of work. With research showing increased social network usage in the office, there’s a lot of opportunity for hackers to make a hefty payday.
No matter how much money is poured into IT security infrastructure, businesses that allow social media are targeted because every employee is viewed as a new avenue for hackers to exploit. Everyone from CEO to secretary is susceptible to hackers via social networks because they all come with different levels of security experience. It only takes one person to fall for a phishing attack to cause companywide cybersecurity exposure. For example, if a worker browsing Facebook at work unknowingly clicks on a malicious link or photo in his or her news feed, he or she is opening up the company-owned computer to attack. Once infected, the computer will operate as a bot designed to steal passwords and log keystrokes, and act as a proxy server to conceal the attacker’s identity.
The dangers outweigh the benefits when it comes to social media in the workplace, at least for now. The cost of even a single cybersecurity incident is extremely high, whether it’s in loss of financial data or loss of faith from your customers. Until social networks evolve to address the specific security needs of businesses, their usage should be restricted in the workplace.
Frank Fanzilli serves as a technology adviser and sits on the board of directors for Calypso Technology, CommVault, GFI Group, and Asset Control. During his previous career with Credit Suisse First Boston (CSFB) and Credit Suisse, he worked in IT strategy, operations, and organization as the first global chief information officer of that enterprise.
Con: Stay Social but Protected
Social media are here to stay. Innovative companies understand this reality and are using social media to improve employee collaboration, strengthen customer service, and expand their businesses.
While Facebook, Twitter, and LinkedIn have created a lot of opportunity for businesses, they have also become significant entry points for security threats. Check Point research has shown more than 80 percent of organizations believe Web 2.0 applications significantly lowered the security posture of their business, citing viruses, malware, and data loss as critical concerns. However, banning social media from their networks seems like a “flat earth” policy and, with today’s security gear, unnecessary.
So how should organizations proceed? While there are a lot of security solutions that offer application control, employee education is a critical component that businesses must integrate in order to benefit from Web 2.0, without compromising security. People are a critical part of the security process as they can be misled by cybercriminals and make mistakes that lead to viruses or unintentional data loss. Many organizations do not pay enough attention to the education of users when, in fact, employees should be the first line of defense. Employers should empower workers to prevent security incidents in real time. Some of today’s technologies integrate user awareness capabilities, helping businesses alert employees about corporate policies and putting them at the heart of the security process.
The bottom line is that social media are part of an evolution in the way people communicate and collaborate in modern-day business environments. As security issues with Web 2.0, mobile devices, and other emerging trends contribute to the growing list of IT priorities, organizations should implement a combination of technology and employee awareness in order to align security with business needs.
Jorge Steinfeld is the vice-president of information systems at Check Point Software Technologies and has 32 years of information systems experience.