Don't forget social media when managing cybersecurity

According to Stephen Urquhart, general manager ANZ, Ixia, social media has put a great deal of personal data in the public domain. The blending of employees’ personal and professional lives means that companies need to take social media into consideration when they assess how to keep their corporate assets secure.

“The value of social media to business is clear. It can amplify customer engagement, build brand identity and raise awareness of products and ideas. This increased exposure means added risks,” said Urquhart.

“Social media platforms put a lot of personal and professional information into the public sphere, making social profiling easier than ever. This, in addition to the ease of communication provided by social media platforms, increases the opportunity for cybercriminals to dupe employees into clicking on dodgy links or inadvertently downloading malware.”

Organisations need to offer training and have appropriate network security infrastructure in place to avoid the risk of information breach or data theft arising from social media activity.

Phishing remains one of the top sources of vulnerability. Social media can make it easy for a cybercriminal to pose as a colleague or a friend, send a phishing message via a social media platform or email and fool someone into unknowingly providing an entry point to an organisation’s system.

This is not just an IT issue for industrial organisations, since those targeted may be operating staff.

Organisations can protect themselves against the potential of such an attack with these five steps:

1. Make sure employees engage in social media only when using a secure connection or network.
2. Educate employees about phishing scams, including how to recognise them and how to avoid them.
3. Implement a policy that restricts what information can be shared publicly and which sites can be visited.
4. Test the network regularly to reduce the likelihood of potential vulnerabilities.
5. Subscribe to a threat intelligence service for a proactive way to minimise potential threats.

“Social media has become unavoidable for most businesses, so organisations and individuals need to protect their social media presence just as they would protect their laptop or their network,” said Urquhart.