Most businesses lack social media security controls

Share this article:

IT security practitioners agree that employees' social media use represents a security threat, but 29 percent polled in a new survey said their company has the necessary controls in place to mitigate the risks.

The “Global Survey on Social Media Risks,” released Wednesday by the Ponemon Institute, found that many organizations have experienced the danger posed by sites like Facebook and Twitter. In the survey of more than 4,000 IT and IT security professionals, 52 percent of respondents said they faced an increase in malware as a result of social media.

Despite the increased risks, a majority of respondents acknowledged that social media is an important tool for meeting business objectives, according to the survey.

“If you block social media, you remove the business benefit,” Tom Clare, senior director of product marketing at  Websense, the survey's sponsor, told SCMagazineUS.com. “If you allow it, the survey shows you will experience a high instance of malware, productivity and bandwidth impact. You need to have a strategy for social media and have an acceptable-use policy.”

But roughly two-thirds do not, the survey found.

Because of the stagnant economy and the fact that social media platforms have developed so rapidly, security practitioners – and their technology buying cycles – haven't been able to keep up, Clare said. Many IT departments are still focusing on traditional security defenses at the expense of protecting emerging technologies.

To get a handle on the dangers of social media, organizations should first conduct a risk assessment to understand what practices most threaten the company, according to the report. Then, they should create a comprehensive policy that includes guidelines for the use of social media by employees and contractors. Also, employees should be educated about how their actions could impact the business. 

Share this article:

Sign up to our newsletters

More in News

Research shows vulnerabilities go unfixed longer in ASP

Research shows vulnerabilities go unfixed longer in ASP

A new report finds little difference in the number of vulnerabilities among programming languages, but remediation times vary widely.

Bill would restrict Calif. retailers from storing certain payment data

The bill would ban businesses from storing sensitive payment data, for any long than required, even if it is encrypted.

Amplification, reflection DDoS attacks increase 35 percent in Q1 2014

Amplification, reflection DDoS attacks increase 35 percent in ...

The Q1 2014 Global DDoS Attack Report reveals that amplification and reflection distributed denial-of-service attacks are on the rise.