Most businesses lack social media security controls

IT security practitioners agree that employees' social media use represents a security threat, but only 29 percent of those polled in a new survey said their company has the necessary controls in place to mitigate the risks.

The “Global Survey on Social Media Risks,” released Wednesday by the Ponemon Institute, found that many organizations have experienced the danger posed by sites like Facebook and Twitter. In the survey of more than 4,000 IT and IT security professionals, 52 percent of respondents said they faced an increase in malware as a result of social media.

Despite the increased risks, a majority of respondents acknowledged that social media is an important tool for meeting business objectives, according to the survey.

“If you block social media, you remove the business benefit,” Tom Clare, senior director of product marketing at Websense, the survey's sponsor, told SCMagazineUS.com. “If you allow it, the survey shows you will experience a high instance of malware, productivity and bandwidth impact. You need to have a strategy for social media and have an acceptable-use policy.”

But roughly two-thirds do not, the survey found.

Because of the stagnant economy and the fact that social media platforms have developed so rapidly, security practitioners – and their technology buying cycles – haven't been able to keep up, Clare said. Many IT departments are still focusing on traditional security defenses at the expense of protecting emerging technologies.

To get a handle on the dangers of social media, organizations should first conduct a risk assessment to understand what practices most threaten the company, according to the report. Then, they should create a comprehensive policy that includes guidelines for the use of social media by employees and contractors. Also, employees should be educated about how their actions could impact the business. 
