Whether you or they like it or not, each employee is your company’s brand ambassador. And how they harness that power determines if your company receives more customers or deals with a PR nightmare and…possible cyberattacks.
That’s the part you normally don’t hear in discussions about employees using social media. According to CNBC, 28% of employers reported firing an employee for using the Internet—social media included—during the workday; 18% fired an employee because of what he/she posted.
What these statistics don’t tell you is if the companies had to deal with a cyber backlash from the inappropriate social media use. Did social engineers pounce on employees who overshared on Twitter in an attempt to gain access to their personal information or your system? What about posting from the company’s official social media accounts on public Wi-Fi?
The truth is, maintaining online safety or cyber hygiene doesn’t stop when the employee logs out of the company network. In fact, it’s when individuals believe they’re in the clear that cyber hygiene falls by the wayside and mistakes happen—such as oversharing and falling into social engineering manipulation traps.
To protect your business and prevent accidental insider threats, learn these 5 social media dos & don’ts to incorporate inside and outside of the workplace.
1. DO Establish a Social Media Policy
There should be a social media policy for employees’ personal social media use and the company’s official accounts.
Both policies need to address what’s considered oversharing and what isn’t, how to set up and update uncrackable passwords, Wi-Fi security. employees should refrain from using public Wi-Fi when on the company’s social media accounts.
2. DON’T Have Just Anyone Be Responsible for The Company’s Accounts
Elect or hire an employee to manage the company’s social media accounts. One reason is that you will know who has access to the accounts, which can minimize insider threats.
Secondly, if you select someone with past experience, the employee will know how to manage the official accounts. They’ll know the importance in following the social media policy, as well as what to publish and what not to, decreasing the chances of external attacks.
3. DO Be on The Lookout for Social Media Spoofing
Did you know 40% of Facebook accounts and 20% of Twitter accounts stating they represent a global 100 brand are making it up? There’s very little verification that goes into creating social media accounts. Which means anyone can pose as anyone.
So, not only could spoofers, posing as your business, run your business reputation into the ground but subject innocent followers to phishing and social engineering attacks.
To prevent this from happening, look up your business name in Facebook, Twitter, LinkedIn, and other social media platforms to see if there’s any similar or near-identical matches.
4. DO Educate Employees on Social Media Cyber Hygiene
This is a must to prevent accidental and negligent insider threats. Employees should know:
- The importance in have a 2-factor authentication for each account
- How to spot social engineers
- The risk behind using social media accounts on a public server
- Insider and outsider threats
- What is and isn’t oversharing
5. DON’T Overshare
According to the Bureau of Justice, 17.6 million Americans were victims of identity threat in 2014.
With 81% of Americans having a social media profile, it’s no wonder identity theft can happen on social platforms.
All it takes is a combination of oversharing and social engineering opportunists to hijack an account.
Before publishing a post, employees need to ask themselves:
- Is this the best platform to share this information?
- What will be the (good and bad) consequences of this action?
- Why should this information be shared?
Social Cyber Safety is Important
Taking these steps into consideration will decrease social engineering and spoofing attacks. Employees will also gain more cyber education, leading to greater cyber protection in the office and at home. Which only helps everyone—employer and employees—to create a cyber safe environment.
CBI Can Help
CBI, for Cyber Security Solutions, provides tools to increase your cyber arsenal. Contact CBI to learn how this works.