53% of respondents have implemented limited or no access to social media sites as a control to mitigate risks related to social media.
More than 1 billion people, about 15% of the world’s population, are registered users of the world’s most-popular social and business networking sites.
Social media enables individuals to stay connected to one another like never before. It enables organizations to engage with customers on a real-time basis and solicit direct feedback, which then helps them to continuously improve their market offerings and positioning, develop brand loyalty and sell more effectively.
Identifying social media risks
The increasing adoption of social media affects the IT risk landscape.
Social media risks include:
- The introduction of malicious software lurking within social networks
- Hacked accounts that are used to solicit information
- The release of confidential or negative company information or personal data
Our survey reveals that a significant portion of participants recognize the risks: nearly 40% of respondents rated social media-related issues as either challenging or significantly challenging. 72% of respondents claimed that external malicious attacks were their top risk.
Responses to social media risks
To help address potential risks posed by social media, organizations seem to be adopting a hard-line response.
53% have responded by blocking access to sites rather than embracing the change and adopting enterprise-wide measures. This response is unlikely to be completely effective, given the increased ease of access to social media during office hours through privately owned mobile devices.
Which of the following controls have you implemented to mitigate the new or increased risks related to the use of social media?
| Our perspective |
- Reconsider “no access/no use” policies for social media sites. This response, while perhaps addressing external threats to internal hardware and software, does not completely address the widespread global personal adoption of social media and indirect integration into business use via other channels such as mobile devices. Consider monitoring your employees’ usage of these sites, without restricting access.
- Embrace the full advantages of social media. The lack of an integrated information security policy for both access to and use of social media is preventing companies from keeping pace with competitors and may be creating a sense of mistrust with employees.
- Consider testing and using technical solutions that also enforce the security stance outlined within your social media policy.
- Perform your own reconnaissance to better understand what potential attackers can find on social media.
« Previous | Next »