Social media has transformed the way businesses interact with customers. All at once it gives companies a new way to reach out to their fans while also giving the company a more personal touch. But as always seems to be the case, with any good thing usually comes a downside. This double-edged sword comes in the form of increased security risks through social media, and it’s a source of major concern for business leaders. The concerns are definitely grounded in reality. One recent study showed that almost a quarter of small businesses had been compromised in some form by employee-use of social media. Social media, however, can’t simply be ignored or outlawed. In this day and age, it plays an important role for businesses, so in order to protect your company, it’s important to be aware of the security risks that often accompany having a social media presence.
(Tweet This: One study shows 24% of small businesses have been compromised by workers using #social media sites. #security)
One of the greatest threats to any business is the infection of networks and systems by malware. Unfortunately, while social media is a helpful tool for businesses, it also creates another avenue for malware to infiltrate and cause widespread damage. This can be done in a number of ways. One of the most common is through clicking on malicious links, which can lead the user to download harmful files. This is particularly troubling with social media since skilled attackers can make it seem like the link is being posted by a trusted friend or contact. Downloading these harmful files can end up stealing important information, especially if the compromised profile belongs to a business.
At the same time, business data can be put at risk through the relatively recent rise in malicious applications for mobile devices. Social media is now more popular than ever before, and a major factor in this rapid expansion has to do with the proliferation of mobile devices like smartphones and tablets. While many people use their mobile devices to access social media, that also means attackers are targeting those devices with harmful apps. Many times, people will download apps that contain malicious code, leading to any data accessed or stored on the phone being stolen. While this would normally end up harming the user’s personal information, personal mobile devices are increasingly being used for business purposes through variations of BYOD policies. So if the smartphone or tablet has company data on it, that data can be stolen or even destroyed if the wrong kind of app is downloaded.
Some of the risks to computer security may not come from attackers’ social media efforts directly. In many cases, it’s the employees’ behavior that can put important company information at risk. Many employees lead a very connected life, where they’re constantly checking and posting on social media at all hours of the day. This can lead some employees to divulging sensitive information through sites that they feel are protected and private. However, even though social media sites like Twitter and Facebook do have some protections, it should never be assumed that information posted there is private. If employees end up revealing too much on social media, that information may eventually fall into the wrong hands, hurting the company and aiding competitors or prospective attackers.
Skilled attackers can lure in victims on social media through social engineering tactics as well. This works similar to phishing attacks wherein attackers persuade users to open up attachments with a virus or similarly harmful programs. Effective social engineer attackers are able to convince users to reveal what passwords they use or other company information. If victims are using passwords and other authentication measures that are used by the company at large, that would also mean attackers have access to other business accounts. Getting administrative access like that could lead to devastating consequences, especially if the business doesn’t have the resources available to recover from the attack.
Given these security threats, it’s little wonder that a whopping 80% of small businesses fear social media will end up damaging their companies. Completely eliminating social media from the equation is simply too impractical, especially since it can play a major part in a business’s success. That’s why companies both large and small need to set up a clear social media policy and stick by it, enforcing it at all times. Only then can they make sure employees are using it the way they’re supposed to while being aware of the threats that are out there. With the right knowledge in the mind, businesses will be a little more secure from attackers.