By Dave Roberts, vChief Information Officer, Senior Manager at LBMC Technology Solutions

Ten years ago, most corporations had little or no use for social media.  Social media was viewed as a novelty and a productivity killer in most organizations.  Therefore, access to social media sites was often restricted by corporate IT departments.  At that time, a public website was the closest thing to a sanctioned social media presence.

As consumers adopted the use of the variety of social media platforms, organizations realized that a largely ignored fertile ground of access to customers existed.  Companies faced the crossroads of restricting employee access to social media with the corporate adoption of social media as a viable marketing resource.

Fast-forward to present day, most organizations have recognized the importance of social media.  More progressive organizations have included social media as part of comprehensive marketing strategies.  Corporate websites often reference company social media sites while social media sites link back to corporate websites.  Organizations even encourage employees to utilize social media to promote company activities and other content to extend the organizations marketing strategy to include contributor-based content.

This convergence of formerly opposing forces has created numerous positive results:

    • Employee friendly corporate cultures where employee contribution to corporate social media sites is encouraged.
    • Corporate marketing by employees indirectly marketing their organization to their networks of social media contacts.
    • Employee identification with their employer on social media platforms.

Our connection and sometimes reconnection with family, friends, and colleagues have created a world that seems much smaller at times.  We enjoy sharing life’s moments – family events, concerts, even what we had for dinner.  The connection and bond to our network of friends create a safe-haven for sharing life together.

Bad actors and risks associated with social media – a threat to corporate systems

Conversely, we must address risks and vulnerabilities associated with the use of social media.  Depending on your individual security settings and willingness to share, you may be putting your personal data at risk to a variety of bad actors in the cyber world.  Our interest to connect with others is often peaked by reading and responding to articles or surveys that are posted in the form of pop culture questionnaires, such as “name your first concert” and other like questions.  What may seem like an innocent attempt to share and connect with your social media community, is often a ruse for bad guys attempting to mine data on you.  For example, think about an online account that references a series of questions to unlock your password should you forget it.  Many of these questions are –

    • “who was your best friend growing up?”
    • “what street did you live on in fifth grade?”
    • “what was your first car?”
    • “who was your favorite teacher?”

Now think about how many surveys you encounter in social media that ask similar questions.  The answers you submit to these unknown sites are being collected along with any other public information in your social media profile to establish a data profile that hackers and other bad actors might use at some point in attempt to access your personal financial systems (bank, investments), health records, corporate networks, and email accounts.  If you factor the recent extensive data breaches of social media sites, the volume of your personal data in the hands of cyber-criminals could surprise you.

Additionally, some social media sites contain malware and destructive cyber payloads designed to compromise your computer and any networks to which you are connected.

What can you do to prevent risk?

These risks are very real.  Cyber-criminals are at work every second of the day attempting to breach corporate systems and individual accounts.  That doesn’t mean we should return to pre-1985 and the advent of personal computing.  But, you can greatly reduce your individual risk and the risk to your company by doing the following:

    • Be aware of how much personal information you share on social media sites.  Especially in relation to the level of your security settings.  If you prefer a more open account, you should limit your personal information.
    • Recognize information requests or surveys that are common to password security questions.
    • Use complex, strong passwords.  A best practice is a passphrase or strong password with a minimum of 12 characters containing a combination of three of the following – uppercase letters, lowercase letters, numbers, and special characters.
    • Don’t use the same password for corporate accounts and personal accounts including social media.
    • Don’t use your company email address for your social media accounts.
    • Don’t access social media surveys from your corporate computer.  You risk a malware event that can infect your corporate systems.

LBMC Technology Solutions assists small companies in protecting their systems and developing a comprehensive security program. If you would like an assessment of your current systems and learn how to strengthen them, please contact us today.