A few years ago, most organizations simply banned the use of social networking at work, but that’s no longer the case. Today, organizations feel compelled to allow access these social networking sites, said Tim Roddy, senior director of product marketing with McAfee Inc.
Twitter, for example, is now being used for business purposes; there are 190 million Twitter users worldwide, creating 65 million tweets per day. YouTube, which is increasingly being used by business to promote marketing and training videos, has 300 million visitors each month from around the world. In fact, research firm Gartner Inc. predicts by 2014 social networking services will replace email as the primary vehicle for about 20 per cent of business users.
Today, email and messaging are the main carriers of malware and phishing scams, while Facebook is increasingly being used as an attack vector. We’ve seen Twitter hacks. We’ve seen Facebook compromised by the Koobface worm. We’ve even seen a Salesforce.com employee hand over customer records to a phisher.
In a survey of more than 1,000 organizational decision-makers in 17 countries, McAfee found that social media is being used by business to create new revenue streams, boost productivity and enhance marketing strategies.
But seven out of 10 organizations experienced some sort of security breach because of social media technologies.
So what can organizations do? Start with policies, supported by technologies. Look for tools that provide application control, said Roddy, and develop access policies specific to user identities.
Protecting the integrity and confidentiality of your data is key, so consider data loss protection as well as gateway anti-malware (which provides proactive scanning of code in web pages for malicious content).