Social Media: A Dangerous Friend?

These days, social media has become an important part of almost every company’s marketing plan. Sites like Facebook, Twitter and LinkedIn allow companies to engage their customers in conversations, keep them updated on new products and developments and keep their finger on the pulse of what their customers want – as well as spread the word about their products and services and increase sales. In fact, social media has become so important to the business world that many firms have even started hiring staff specifically for the purpose of managing social media.

While the benefits of social media are indisputable, like nearly every emerging technology, social media also presents some dangers. Many organizations focus on their social media reputation, closely monitoring what customers (and employees) are saying about them online and the image they present through Tweets, status updates and postings, but the dangers of social media extend well beyond public relations.

Several recent studies have indicated that social media is fast becoming a preferred means of entry for criminals who want to spread malware and viruses, or steal data and company information. According to organizations such as IBM and via social media are on the rise, and organizations need to be concerned about this threat and take steps to prevent falling victim to dangerous security breaches.

How Social Media is Vulnerable

Imagine this scenario:  your company’s CEO is listed on the popular networking site LinkedIn. A criminal is looking for a means to get into your company client database for his employer, who wants to know more about the deals you’ve made with key customers. Using the information garnered from LinkedIn, the criminal is then able to target an attack to your CEO. With just a few keystrokes, the thief sends malware to your CEO, disguised as a contact request or other legitimate purpose. Your CEO accepts the request and soon your sensitive company data has been compromised.

This is just one method that hackers and thieves are using social media to gain access to corporate networks. Other common means of entry include developing malicious applications for social media. For example, most social media users have seen links to supposed applications that will tell them how many people have visited their profile. For a new social media coordinator for a business, this type of information is highly useful – and also impossible to get. Such applications are malware, and create vulnerabilities on your computer and network because they pull information from your user profile, then use it to create targeted attacks.

In an era of BYOD – workers using their own personal devices for work – social media can also wreak havoc on company networks. Individuals might use their phones to access their personal social media accounts, and opt to download an application. Whenever you download an application, you need to set the permissions, which often allow the app to access everything on your phone. And since the app does not distinguish between personal and company information, download a malicious app could put your company data and network at risk.

How You Can Protect Yourself

Since avoiding social media altogether is not a practical option for most businesses, other precautions against social media-borne threats are necessary.

First, a comprehensive BYOD policy is essential, and each user device (both mobile and in-house) needs to be equipped with the most up-to-date and comprehensive malware and virus protection, firewalls and security software. In addition, should there be a suspected breach via personal device, there must be a protocol for wiping or locking the device until the problem is solved.

Thus, companies need a comprehensive policy regarding social media and applications that can be safely downloaded. Social media coordinators should be educated and up-to-date on the threats, and understand the potential dangers of social media. Institute a password policy, and consider linking social media accounts to email addresses that are separate from the main company network, or cloud, to prevent any unauthorized access.

Lastly, companies need to constantly monitor their social media accounts, taking steps to remove any suspicious activity, protecting the company network as well as customers or fans that connect via social media. Vigilance is important and all possible threats should be taken seriously.

Social media is a valuable tool for businesses of all sizes, when it is used safely. Some experts predict that the growth in social media attacks will lead to a decrease in traditional email borne viruses and malware, meaning that this is an issue that should continue to be at the top of your network security priority list.

However, social media awareness isn’t a concern chiefly regulated to the professional world; it should be practiced in your personal life as well.