Editorial & Advertiser Disclosure Global Banking And Finance Review is an independent publisher which offers News, information, Analysis, Opinion, Press Releases, Reviews, Research reports covering various economies, industries, products, services and companies. The content available on globalbankingandfinance.com is sourced by a mixture of different methods which is not limited to content produced and supplied by various staff writers, journalists, freelancers, individuals, organizations, companies, PR agencies Sponsored Posts etc. The information available on this website is purely for educational and informational purposes only. We cannot guarantee the accuracy or applicability of any of the information provided at globalbankingandfinance.com with respect to your individual or personal circumstances. Please seek professional advice from a qualified professional before making any financial decisions. Globalbankingandfinance.com also links to various third party websites and we cannot guarantee the accuracy or applicability of the information provided by third party websites. Links from various articles on our site to third party websites are a mixture of non-sponsored links and sponsored links. Only a very small fraction of the links which point to external websites are affiliate links. Some of the links which you may click on our website may link to various products and services from our partners who may compensate us if you buy a service or product or fill a form or install an app. This will not incur additional cost to you. A very few articles on our website are sponsored posts or paid advertorials. These are marked as sponsored posts at the bottom of each post. For avoidance of any doubts and to make it easier for you to differentiate sponsored or non-sponsored articles or links, you may consider all articles on our site or all links to external websites as sponsored . Please note that some of the services or products which we talk about carry a high level of risk and may not be suitable for everyone. These may be complex services or products and we request the readers to consider this purely from an educational standpoint. The information provided on this website is general in nature. Global Banking & Finance Review expressly disclaims any liability without any limitation which may arise directly or indirectly from the use of such information.

Social Networking – Friend or Foe

By Joanne Rogers of CS Risk Management 2012
Love it or hate it, social networking has firmly embedded itself into the fabric of our world. The likes of Facebook, Twitter and LinkedIn can be powerful business tools, especially for marketing, communication and recruitment purposes.Joanne Rogers

But there is also the less appealing nature of the beast. Provide employees with access to the internet and most will check their online profiles at least once during the day and the resulting downtime can quickly accumulate. But, to a business, a far greater threat than the lack of productivity is the security of what is shared online through these networks.

So what are the benefits and risks to businesses when engaging with the social media phenomenon?

To Like or not to Like: The Benefits & Risks

•    Social networking can be used for marketing, expanding commercial reach and advertising, with the only tangible cost being the time needed to maintain the account;
•    Used appropriately, social networking sites can be used to communicate easily with existing business contacts and connect with new ones;
•    A regularly updated online presence can have a positive effect on reputation, reinforcing the brand image and demonstrating awareness of current trends;
•    There are no geographical restrictions providing potential to reach new areas with little or no expense;
•    Can be used to motivate, by building and maintaining relationships between leadership and employees; and
•    Build company culture and communicate policy changes and announcements.
•    Social networking sites themselves are not generally a concern, it is the behaviour of the users that presents a risk;
•    When considering the possibility of leakage of confidential information or intellectual property, exposure through word of mouth can be hard enough to control but words can be forgotten. An individual making a comment on the internet to an audience of thousands greatly increases this threat and posts can be found through a search engine indefinitely;
•    Viruses and worms are often incorporated into fake profiles, e-mails or postings from Friends. Careless use could lead to inadvertent downloading of malware, spyware, adware or ransomware, or even the hijacking of the account; and
•    There is a threat of exposure to offensive web content via links contained in e-mails, posts and tweets.
After reviewing these risks and benefits, there are several options available to businesses when considering the use of social networks.
•    Allow unrestricted access to social networking sites: providing employees with unrestricted access could boost morale, however there is the potential for this access to be exploited;
•    Allow restricted access to specific sites and/or at specific times: allowing employees access to certain sites, perhaps those designed for business networking, or allowing access to personal sites only outside of business hours or during lunch;
•    Allow access to social networking sites only to those authorised to use a business profile: for example marketing teams who update the site with business related information;
•    Block access to all non-business related sites for all employees: only allow access to sanctioned business related programs; and
•    Block internet access to all: this is an unlikely option since many companies now use internet based programs for day to day operations.
Social Networking Policy
For those businesses that decide to use or allow access to social networking sites, it is crucial to implement and maintain a social networking policy. The policy will provide employees with guidance so that they are accountable for their actions. While specific components of the policy will vary dependant on the nature of the organisation and how they use social networking, there are several elements that should form the basis for any social media plan.
Guidelines and Restrictions
It is important to establish a level of control that provides protection whilst allowing the informality that is the foundation of social networking. Business data should be classified so that employees are fully aware of what sensitive information is and what can and can’t be mentioned on profiles or in posts. Also determine who is authorised to access corporate content and modify accounts on behalf of the company.
Remember that mobile devices such as smartphones and tablet PCs are also at risk from hackers, so be sure to specify if employees are permitted to access social networking from these devices.
Education and training
Educating employees on the acceptable use of social media is essential to reducing the risks. Each employee represents the company and a thoughtless tweet about a product launch or personnel change has the potential to damage reputations.
Consider limiting the posting of corporate data unless authorised and clearly state the consequences of failure to follow policy: disciplinary or dismissal procedures can be implemented for employees who violate policies. Although this may seem heavy handed, prevention is always better than cure.
Once a policy has been approved, it is important to monitor the activity relating to the business. Check the networks for the company or product name; find out what is being said. If customers are losing faith in the company, take the opportunity for promotion by addressing concerns. Failure to monitor on a regular basis could lead to loss of sales and damage to reputation.
Monitoring can also be an opportunity to see what people are interested in, helping to shape future campaigns.
Maintenance and Updates
It is worth remembering that unless your web security software is capable of fulfilling the requirements stated in the policy, the policy itself will be useless. Regular reviews of software capabilities, changes to programs and security settings, should be undertaken.
Incident response plan
If a business faces a crisis, for example loss of systems or product faults, an incident response plan should include measures for addressing issues via social media. Recalling products and providing updates on service availability can provide customers with assurance that the issue is being dealt with. If handled swiftly and correctly this action could limit the impact on reputation.
What next
Social networking has evolved so rapidly that many companies struggle to keep up with the changes and subsequent implications. The growth shows no signs of slowing, so it is important to remain vigilant to the threats. Education is essential across all levels of the business to ensure that the advantages of using social media are not negated by the risks.
Author:  Joanne Rogers of CS Risk Management 2012
CS Risk Management is exhibiting at Infosecurity Europe 2013, the No. 1 industry event in Europe held on 23rd – 25th April 2013 at the prestigious venue of Earl’s Court, London. The event provides an unrivalled free education programme, exhibitors showcasing new and emerging technologies and offering practical and professional expertise. For further information please visit www.infosec.co.uk