It is widely accepted that employees have access to social media at work and some may be posting regular status updates throughout the day. Social media solutions are also no longer just used socially but now play a vital part in business processes helping businesses interact with their customers as well as their other stakeholders. While this helps everyone stay connected and improves communication, this also presents new and potentially serious risks to sensitive and confidential company data.
Organisations usually take steps to detect and prevent IT and network threats; however end user behaviours and actions add new complications to the task of protecting sensitive organisational information from exposure to hackers.
While most mainstream social media tools have security features built-in these do not prevent end users from accidentally placing sensitive data at risk. This can happen from just a simple post or status update providing a little too much information for all to see!
Many organisations react to social media threats by banning the tools altogether when an incident occurs. This can mainly be a knee-jerk reaction and does not provide a long term solution especially since many organisations now rely on social media tools to communicate with customers and others.
Education and awareness should be used as a way forward to ensure social media tools can be used safely and productively within the organisation.
NTT Security can provide assistance with the development of a comprehensive security awareness program to educate either a part of or the entire organisation.
The New Hampshire Department of Health and Human Services (DHHS) experienced a massive data breach thanks to one patient who accessed a personal computer left in the hospital library. Over 15,000 clients of DHHS and New Hampshire Hospital in Concord had their names, addresses, Social Security numbers and Medicaid identification numbers shared on an unidentified social media platform.