How Social Media Jeopardizes Data Security Your employees may be revealing too much, here's how to keep their posts from compromising your business.
By Cynthia Johnson Edited by Dan Bova
Opinions expressed by Entrepreneur contributors are their own.
Sharing what you're doing, where you're doing it and whom you're doing it with is a common practice for individuals and businesses on social media. Businesses don't have the choices people do -- not when an online presence is a standard expectation. But as businesses grow and maintain various social media accounts, security becomes increasingly difficult to control.
There was a time when data leaks were best prevented by keeping all information within the firewall. Cloud-based technology and social media have totally disrupted this, creating a void for new types of security to fill. Joseph Steinberg, CEO and Founder of SecureMySocial, built a cloud-based system that notifies users in real time if they're posting something inappropriate on social media. We've all heard the horror stories of people making posts that they later regret.
But, the damage can have a huge impact on businesses as well. Data often travels unprotected through social media channels and, when you consider how much people over share, social media be a serious source of data leaks. As Steinberg explains social media can, "Provide hackers with information that greatly assists them in breaching organizations."
Related: 7 Cybersecurity Layers Every Entrepreneur Needs to Understand
Dislike that post!
Think of the last time a co-worker posted a Facebook story from the office, or shared business related information via Twitter. Believe it or not, a seemingly harmless post can give outsiders enough information to cause serious damage to your business. Generations of employees who grew up with social media have a valuable ability to connect companies to their audiences through social. But, they may over share impulsively and become the unwitting accomplices to cyber crimes against the company they work for. According to Steinberg, "For example: An employee who inadvertently sends a spear fishing email (an email that appears to be from an individual or business but is from a hacker) right before she gets on a flight -- and commenting in the email about how the flight might make her difficult to reach for a few hours -- can greatly increase the odds of people falling prey to the scam and taking action as directed in the message."
Related: 4 Cybersecurity Best Practices for Your Organization
So how is data leaked, anyway?
Data leaks can happen in a seemingly harmless post about relocating for work when that news is still confidential to your company. It can happen if you hit "paste" with text from a work-related email in your clipboard and post it into the wrong window on your screen. If can happen if your smartphone auto-corrects something you spelled wrong in a social media post to some project code name that you just used in an email. It can happen if you mean to send a private message and accidentally make a public social media post. While it's easy to think, "There's no way I'd ever do that," Steinberg notes that even Twitter's own CFO has done exactly that: posting confidential data via a public Tweet when he meant to send a private Direct Message. The rise of social media messaging has resulted in many who "have all but abandoned text messaging in favor of Facebook or Twitter messaging," Steinberg adds. "And increased time on social media platforms translates into an increase in the risk of certain data-leak related problem emanating from social media use."
You're vulnerable everywhere.
Access to social media is also available on limitless devices. You can be at home, work, on your phone, with a tablet or on a public computer or borrowed device. Your phone, which doubles as a virtual office, is the easiest channel for data to leak out of. You can access the Internet anywhere, any time and information is shared impulsively in status updates and photos.
Steinberg explains that the most secure way to keep your business's data safe without worrying about employees is through specific technology that addresses risks taken when sharing on social media. While necessary, company policies "Are likely to be ineffective without technology to train people and inform them in real time if they are violating some rule," he explains. Yet if everyone actually followed corporate policies all of the time, "Businesses would not be spending billions of dollars a year on compliance and data loss prevention technologies that prevent problems when policies are violated."
Related: The Biggest Cybersecurity Threat at Your Office Could Be You
In a culture of over sharing and generations of employees who have never lived without the existence of social media, there's never been a better time to solve this problem. Steinberg's reason for creating SecureMySocial was simple: "I decided to focus on the information security aspects of social media because this area of information security is seriously problematic, getting worse with time and, until our invention, had no viable solution on the market that even came close to addressing the problem of employees posting problematic material on social media." B2B technology SecureMySocial can also be authorized to automatically delete especially problematic posts, and the system protects all involved without the need for an employer to monitor its employees' social media accounts.
SecureMySocial also protects individuals from the consequences of publishing problematic posts to social media channels. Steinberg adds, "it also delivers protection from physical, financial, and personal perspectives by warning them if they make a post that can harm themselves in any of these areas." Ultimately software like this can diminish the need for monitoring employee profiles and posts -- resulting in improved security and privacy for both businesses and individuals.