Experts are warning that organisations should offer more guidance to staff about social networking policies after a study found that the web sites can pose major risks to both corporate and personal security.
One in six UK employees think that social networking sites such as Facebook and LinkedIn threaten corporate security, while a further three out of ten fear that their own personal security could be compromised.
The use of social networking site within UK businesses has soared in recent times, with workers using Facebook, LinkedIn and Twitter for everything from marketing to recruitment. But they are now calling for clearer guidelines on what constitutes acceptable workplace usage, found the research, which was undertaken among 1,000 employees by market researcher ICM on behalf of risk managment consultancy, Protiviti.
When asked what action employers should take, 27% of staff said that they should do more to devise acceptable usage policies, with just 3% saying that they needed less not more guidance. People aged 55 and over were particularly keen on receiving clarification, with one in three expressing a need for help – more than any other age group.
Jonathan Wyatt, managing director of Protiviti UK, said that the blurring of the lines between public and private social networking use presented a big challenge for business. “On one hand, employees are using social networking tools for managing activities in their private life – but accessing these tools from corporate systems,” he said. “On the other hand, employees are being asked to carry out specific tasks relating to work via the same social networks.”
While opening up access in the workplace could generate long-term benefits, there were a lot of risks involved, which included information security breaches,” he added.
Key security risks included the potential leakage of sensitive information, the unintentional uploading of Trojans or viruses to employees’ computers, the increased targeting of individuals for social engineering attacks as well as people falling prey to fraudulent scams.
The problem was that manageable incidents could turn into major crises if not tackled in a timely and appropriate manner, Wyatt warned. To make matters worse, social media was not even on the radar of many organisations as being a corporate risk.
“It is only when serious loss of information and or theft occurs that this subject is given priority. By allocating direct responsibility and establishing a unified risk management process, organisations can start to mitigate the threats they face,” he said.
One Response
Interesting point
It is important that organisations communicate effectively with their staff about the policies regarding social media use because it has become so much as part of people’s lives it is difficult for many people to take time away from their mobile devices and social media networks.
— Dave Evans, commercial director at accessplanit, specialising in training administration software and learning management system.