Skip Links

Social media a boon for businesses, but creates security quagmire

Main dangers: Fraudsters, malware and employees who leak sensitive data

By , Network World
May 17, 2012 12:34 PM ET

Network World - Social media -- Facebook, Twitter, LinkedIn, Google+ and so forth -- has become a way of life for companies and their employees to interact with the public, but beating back the fraudsters that try to prey on customers, not to mention keeping employees from spilling sensitive data, is becoming a full-time job for many.

"We do a lot of social media, It's actually an important part of our business," says Yaron Baitch, director of information technology and security at Bob's Stores, the apparel retailer in the Northeast region which counts about 1,500 employees. The store chain uses its Facebook site and Twitter for continuous interaction with the public.

MORE: Facebook hacker comes clean on 'what really happened' 

MORE: DARPA seeks Holy Grail: Quantum-based data security system

But the Bob's Stores Facebook site, especially, needs constant attention for security reasons since fraudsters have been known to attempt to lure visitors to "various traps anywhere around the world," says Baitch. "We try to work hard to make sure none of our customers are put at risk."

Stats for social media use

This is the kind of danger for business that comes with social media, says Charles Renert, vice president of Websense security labs. "Video lures" have become one of the biggest threats on social media. "It's all about social engineering and the lures," he says.

While Bob's Stores uses social media to draw attention to sales at its stores and e-commerce website, for instance, the apparel retailer does not often favor its employees using social media.

The acceptable-use policy the company established generally prohibits employee use of social media unless the job function calls for it, says Baitch. To enforce that, Bob's Stores makes use of the Websense security gateway dubbed Triton to block employee access to Internet-based social media via the corporate network resources.

Baitch says the main rationale to block employee access to social media is that the company would appear to bear legal responsible for any employee's wrongful or reckless behavior, if it occurred, if the employee were using the company's network. But if an employee, aware of corporate policy making social media off limits, did something wrong using their own network resources, the liability risk would more squarely rest on the employee.

Concerns about safeguarding customer data according to the Payment Card Industry security guidelines also influenced the decision by Bob's Stores to keep employees off social media. The company is so concerned that it might be possible to get by the Websense gateway, it's also investigating use of whitelisting technologies to lock down corporate computers.

Social media is important in other areas, such as sports, too, where there are also risks.

"Social media is big, like Twitter and Facebook," said Bill Bolt, vice president of information technology for the Phoenix Suns NBA team. "And now there's Google." It's now common practice to interact with fans, tweeting team news and posting video interviews with the team's stars, such as Jared Dudley and Steve Nash, or selling game tickets through direct interaction online.

Our Commenting Policies
Latest News
rssRss Feed
View more Latest News