Skip Links

5 top social media security threats

Enterprises need to take precautions to make sure employees practice safe social media

By Chris Nerney, Network World
May 31, 2011 12:04 AM ET

Network World - Social media platforms such as Twitter, Facebook and LinkedIn increasingly are being used by enterprises to engage with customers, build their brands and communicate information to the rest of the world.

But social media for enterprises isn't all about "liking," "friending," "up-voting" or "digging." For organizations, there are real risks to using social media, ranging from damaging the brand to exposing proprietary information to inviting lawsuits.

Here are five of the biggest social media security threats:

5. Mobile apps

The rise of social media is inextricably linked with the revolution in mobile computing, which has spawned a huge industry in mobile application development. Naturally, whether using their own or company-issued mobile devices, employees typically download dozens of apps because, well, because they can.

Social networking security threats taken too lightly

But sometimes they download more than they bargained for. In early March, Google removed from its Android Market more than 60 applications carrying malicious software. Some of the malware was designed to reveal the user's private information to a third party, replicate itself on other devices, destroy user data or even impersonate the device owner.

And all because this new game is supposed to be even better than Angry Birds!

4. Social engineering

A favorite of smooth-talking scammers everywhere, social engineering has been around since before computer networks. But the rise of the Internet made it easier for grifters and flim-flam artists to find potential victims who may have a soft spot in their hearts for Nigerian royalty.

Social media has taken this threat to a new level for two reasons: 1) People are more willing than ever to share personal information about themselves online via Facebook, Twitter, Foursquare and Myspace, and 2) social media platforms encourage a dangerous level of assumed trust. From there it's a short step to telling your new friend about your company's secret project. Which your new friend really might be able to help with if you would only give him a password to gain access to a protected file on your corporate network. Just this once.

3. Social networking sites

Sometimes hackers go right to the source, injecting malicious code into a social networking site, including inside advertisements and via third-party apps. On Twitter, shortened URLs (popular due to the 140-character tweet limit) can be used to trick users into visiting malicious sites that can extract personal (and corporate) information if accessed through a work computer. Twitter is especially vulnerable to this method because it's easy to retweet a post so that it eventually could be seen by hundreds of thousands of people.

2. Your employees

You knew this was coming, but even the most responsible employees have lapses in judgment, make mistakes or behave emotionally. Nobody's perfect all of the time.

But dealing with an indiscreet comment in the office is one thing; if the comment is made on a work-related social media account, then it's out there, and it can't be retrieved. Just ask Ketchum PR Vice President James Andrews, who two years ago fired off an infamous tweet trashing the city of Memphis, hometown of a little Ketchum client called FedEx, the day before he was to make a presentation to more than 150 FedEx employees (on digital media, no less!).

Our Commenting Policies
Latest News
rssRss Feed
View more Latest News