Top 5 Threats In B2B Social Media Usage: What Every Employer Should Know

While social media usage has become increasingly popular, the question about whether it should make its way to the workplace or not triggers a series of debates. Those who idealize the use of social media at work have visions of it being a great promotional tool, as well as a way to enhance employee drive.

Yes, social media can indeed be another vehicle to gain a better presence online and whilst completely blocking access to these sites will result in being counterproductive, companies that allow employees to use sites like Facebook and Twitter during work hours need to be aware of the potential threats social media usage poses to their business.

It is therefore of great importance that employers are aware of the top 5 threats outlined below:

Malware Infection – What attracts malware creators is data – and what better place to find this than a place where people willingly share their personal and business details? With over 50,000 applications on a site like Facebook, the probability of a third-party application being used to infect your network with malicious code which can steal your data is high. In fact, Google Advisory has recently confirmed that social media sites such as Facebook, Twitter and YouTube were victims of malicious software.

Cyberslacking – If employees were to spend time browsing non work-related sites when they are meant to be working, productive hours would be lost – and therefore also company resources. In 2007, for example, around 233 million hours were lost every month in the UK as a result of employees’ cyberslacking on social networking sites.

Bandwidth Hogging – The availability of video links posted on social networking sites, as well as links directing users to sites like YouTube, Vimeo and Metacafe, creates problems for IT administrators. Video streaming can cause slow access to outsourced application services and corporate email. Furthermore, bandwidth used for non work-related purposes is an unnecessary expense.

Social Engineering – Social engineering is becoming increasingly advanced, resulting in more and more victims to online scams. Users might give personal details, including employment information, and this could result in data theft. Furthermore, people tend to post messages without thinking of the repercussions, such as: ‘Called in for work due to the problem found in our front-end product’. These messages may not only raise concern among customers who use the system, but they are often mined by cybercriminals. A more detailed post could also potentially reveal a software vulnerability which could be exploited by hackers.

Legal Liability – If employees click on links to view objectionable, illicit or offensive sites through the corporate network, the organization is at a high risk of facing legal charges for failing to protect employees from viewing such content. Besides the legal costs and fines, the organization’s reputation might be damaged.

What can be done?

A solid web monitoring solution offers the right tools to fight such threats. Firstly objectionable, illicit and offensive sites can easily be blocked using one of the commercially available internet filtering solutions.

Secondly, such software records all Internet activity taking place on your corporate network, meaning that if your organization has to face any legal charges, it can present a report of the employee’s Internet usage to prove its case. Thirdly, when employees know their web activity is being monitored, they would usually focus more on their work – meaning productivity, together with the ROI (Return of Investment) increases, while the risk of malware attacks decreases.

Clearly, the best solution to fight social media usage threats would be to invest in a solid web monitoring solution. But it does not stop here; setting up an Internet usage policy and educating employees about the five threats mentioned above is also essential. This would teach workers about the importance of Internet safety and how to avoid malware infection, as well as understand that web activity is being controlled for the organization’s safety and not to ‘spy’ on them.

Emmanuel Carabott CISSP heads security research at GFI Software. He has over 12 years’ experience in the security field and is a regular contributor to several websites and blogs. For more information about the benefits of using email usage reporting.