76% of SMBs (small and mid-size business) surveyed in a poll carried stated that they are under pressure to allow more access to Web 2.0. Almost half, 44.4%, said that they do not have security in place to protect from Web 2.0 specific threats. The business web filtering solutions provider encourages SMBs to deploy formal social media policies.
Forrester predicts the market for social enterprise apps will grow from $600 million in 2011 to $6.4 billion by 2016. The next decade is going to be a challenge to small business owners as they battle to make IT budgets stretch to deliver new tools without any downside.
Social media in the enterprise represents a double-edge sword. On the one hand, it opens up new business opportunities and powerful ways to engage with a company’s customer base. However, on the other hand, it can expose business to new risks such as security threats and reduced network productivity.
With different research studies showing that between 30-40% of SMB malware threats originate from social media sites, it is imperative that small business owners take a close look at their IT and social media strategies, and establish policies now so that they harness the best of social media without downside – or downtime.
A recent study by analyst firm SMB Group showed that only about half of SMBs take a strategic and structured approach with social media. An unstructured approach means most SMBs will not have a social media or corporate internet usage police – leaving them vulnerable to potentially crippling business vulnerabilities.
I suggest SMBs and their HR and IT teams consider the following to help create effective and secure social media strategies and policies.
- Does your company have classified information – customer data, accounts, banking information etc – that if corrupted or stolen would ruin your business and could leave you liable legally?
- How long can you afford to shut your system down and what will the productivity and financial costs be?
- Unmanaged social media access increases vulnerability to phishing and malware attacks. Which specific individuals and departments need access to these tools for business purposes?
- Does your company have an IT and application user policy in place; and do you have the tools required to manage access? e.g. access to personal email or Facebook only permitted at lunch time or before/after work for some, and always for others e.g. marketing.