A SMART Guide to Managing Social Media Risks

Social media is here to stay and the numbers are growing. According to industry statistics, there are 2.2 billion active Facebook users and 500 million users on LinkedIn. On average, 50% of Facebook users log into their accounts daily. 900 million of the active users access Facebook using mobile devices, and these mobile users are twice as active as non-mobile users.

Your organization's staff are most likely users of social media services. This puts your systems at risk whenever a user logged on to your network uses a browser to access social media sites. If the workstation is infected by social media malware, it can be used to launch higher-level attacks against the internal network. Malware can also lead to information disclosure and a loss of data integrity.

While some organizations attempt to manage social media risks by blocking access to these sites, security managers know that there are legitimate business needs: a sales department needs to post information about a new product or service, management uses LinkedIn for business and professional networking, and so on.

Instead of blocking all access to social media sites, Altius IT recommends a five-step SMART approach to managing social media risks.

Security - implement security from the top down. Desktop systems and mobile devices should have protection against malware and other related threats. Segment your network to minimize disruption should a user's workstation be compromised.

Monitor - track user activity and sites visited. If a user's workstation becomes compromised after visiting a social media site, record the event and use the information to prevent other users from being infected.

Administer - with over 150 major social media sites, your users are at risk. Research and identify sites that contain malware. Restrict and limit access to these sites.

Reporting - report user activity. Know the social media sites used by your staff and ensure that there is a legitimate business reason for accessing such sites.

Training - educate your users about social media risks. Teach your users not to click on HTML links on social media websites. Users of social media sites should have passwords that are long and complex.

For more information on managing social media risks, please see our blog post "Social Engineering and Social Networking - Your Users are a Target".

Network security audits help ensure the organization's assets have the proper security controls in place. Social engineering security assessments help protect your sensitive data and intellectual property by evaluating and testing the effectiveness of your employee security education and awareness training. Formal and documented policies ensure a top-down approach to managing social media related risks.
