Welcome to another article in the ‘Looking to the Future’ series where I discuss emerging technologies with experts from across various industries. As always, my goal is to share my ideas, knowledge and experience to receive feedback from you to continuously learn and improve.
In this article, I welcome back Scott Taylor COO of Southern Cross Group, as we explore the various aspects of security from a cyber and physical perspective.
The theme of this article is Security & Social media. Thank you, Scott and let’s begin.
It’s no secret that social media has become a major risk and concern for businesses everywhere. According to a survey by the University of Canberra, Social media is the least trusted industry on privacy and security in Australia. In fact, 61% of respondents nominated the social media industry as having the worst security and privacy practices. That said, the social media security problem isn’t unique to Australia instead it affects people and businesses across the globe.
Most of us instantly associate social media security with cyber security. We tend not to think about an even bigger and ever-growing threat which is insidious and physical in nature – Social Engineering. According to one report, there had been a 150% rise in Social Engineering in 2016 alone across the four big social media networks: Facebook, Twitter, LinkedIn, and Instagram. Social Engineering is using manipulative ways to trick people and businesses into giving up their confidential information such as passwords or bank information. The tricks can also include activities such as exploiting human kindness, greed, and curiosity to gain access to restricted access buildings or getting the users to install backdoor software. Knowing the tricks used by ‘bad actors’ is fundamental in protecting your computer systems and will be something I plan to cover in a future article.
So, while we briefly discussed the threat of Social Engineering from a physical perspective, it is not the only risk posed to people or businesses. There are other risks as well. Specifically, the cyber risks around social media which could compromise your business and brand. These risks and the tips to mitigate them are discussed next.
Social Media Security Risks and the Tips to Mitigate Them
From a business perspective having a comprehensive social media policy and rigorous governance framework in place is fundamental.
Following are some of the common social media security risks posed to both individuals and businesses in Australia with a social media account:
1.Unattended Social Media Accounts
A mistake that most people and businesses in Australia make is completely ignoring their social media accounts that they don’t use actively or anymore. Idle social accounts are often targeted by bad actors, who will post fraudulent and damaging messages under your name/brand.
77% percent of the respondents of the 20th EY Global Information Security Survey felt that a careless member of staff was the most likely source of a cybersecurity threat. This clearly indicates that human error is a big risk posed to social media accounts.
Bad actors have many ways of gaining access to your social accounts including through vulnerabilities in third-party apps that integrate with the big social networks.
4.Phishing Attacks and Scams
These are scams that use social media to trick people into handing over personal information. For example, they can include a link that directs people to a page that says their page is locked and provides them with a phone number to call for support. The number connects to scammers who are looking for personal information and credit card numbers.
5.Malware Attacks and Hacks
A real threat, social media hackers have managed to gain access to the social media accounts of celebrities and big media corporations.
6.Unsecured Mobile Phones
A popular way to access social networks, mobile phones makes it easy to access social media. With mobile apps, social accounts can be accessed with a single tap. However, the danger is that if your phone is lost or stolen, then access to your social accounts and all the sensitive information it contains is just a tap away.
Tips to be safe online
While the above risks pose a real threat to your social media accounts, you can mitigate them using the following strategies to overcome social media security risks:
1.Create a Social Media Policy
Create a social media policy that outlines how your business and its employees should use social media responsibly. This will help to protect your business from many scams and other security threats.
2.Train Your Staff on Social Media Best Practices
You can have the best social media policy in the world, but it will be of no use if your employees don’t follow it. Not only should your social media policy be easy to understand and follow, but you should also conduct training for your employees to allow them to use your social media policy effectively.
3.Monitor Your Accounts
As mentioned earlier, unattended social accounts are a great opportunity for bad actors. Therefore, you should use software systems to keep an eye on all your social channels and follow up on anything unexpected.
4.Invest in Security Technology
It is virtually impossible for you to physically monitor your social media accounts throughout the day or 24/7. Therefore, you need security technology that can monitor your social media accounts 24/7 and automatically alert you of security risks.
It goes with saying that, social media is an effective way to engage customers and build your business. That said there are several risks to both individuals and organizations when used in an inappropriate or unsafe manner. The good news is that if you are a business then you can mitigate these risks if they are identified, mitigated, managed and monitored as part of a comprehensive social media governance plan.
About the Author
Martin Sheridan begun his career in technical development and solution architecture, more recently he has developed his professional practice to include development of both commercial and technical strategy, leadership of substantial teams and delivery of major cultural change programs. He played diverse roles, including design, development and deployment of innovative software solutions with an eye to longer-term technological and commercial strategies to improve SDLC, time-to-market, time-to-value, efficiency and client satisfaction.