One question we frequently get asked is if social media sites like Facebook and Twitter are “safe” for workplace use. The answer is a tough one because it depends a great deal on how individual users utilize these services. Consider the following three examples:
Sally gets on Facebook, Twitter, and LinkedIn a couple times a day to post updates for your company. Occasionally she also checks her own profiles and posts updates. Verdict: This is likely safe. The one concern is to make sure Sally is very careful not to get confused with regards to which updates she is posting where. Everything on the Internet should be assumed to be there forever. An inadvertent post by Sally to your company Facebook page about how she hates waiting in line at Starbucks can become an embarrassing incident that lasts for years.
Joe gets on Facebook, Twitter, and LinkedIn throughout the day. He rarely posts and mostly just reads what is going on in his circle of business and personal friends. Verdict: If there is some business value to this, and Joe is careful at where he goes on these sites in terms of links, this is likely safe.
Tom gets on Facebook, Twitter, and LinkedIn throughout the day. He has never met a funny video link that he didn’t like. Sometimes those sidebar ads look pretty entertaining too.. better click those. And wait now it says his Adobe Flash is out of date and it wants to run an install.. sure let’s do that. Verdict: This is your worst-case-scenario. Tom’s system will get infected despite having anti-virus and anti-malware if he clicks on enough of these advertisements and fake update alerts.
Knowing your own staff is the key to keeping social media under control. We at ESG can provide many tools that monitor or block Internet usage of certain types, but those are no substitute for employee management.
A final thought: Even with fairly safe usage, social media is a great way for hackers to get their exploits out to a huge number of people in a short amount of time. A good example would be the recent Twitter TweetDeck exploit which targeted users of the platform in drive-by style. In the words of bank robber Willie Sutton when asked by he robbed banks, “because that’s where the money is.” Likewise, hackers and con artists will concentrate their efforts more and more on social media because that is where the easy targets will be. ESG expects that social media.. accessed both from desktops and mobile.. will become the number one attack vector for computer infections within the next few years. As such, we recommend that our clients carefully consider the benefits and risks of allowing employees to have unfettered social media access.