EU News
Partners
Events
Videos
Subscribe
Contact us
Magazine Archive
EU Member Profiles
Leaders
DIGITAL
MAGAZINE
EUcommerz.com
Web
Live Spot Rates
Entrepreneurship > Networking
Social Networking - Exploring the Corporate Risks

Exploring the risks associated with social networking sites is essential.

Virtually all businesses are faced with some form of geographic sprawl. This sprawl supports global efforts and provides access to fresh talent and resources while also creating new risks for the corporation and employees. Collaboration tools and social networking services are sites focused on building internet-based communities of people who share common interests.

There are many benefits to bringing this new wave of technology into the corporate world; however, the risks to the corporation can outweigh the benefits if these tools are not carefully managed. Exploring the technological and data risks associated with the utilization of social networking sites and services is essential to determine if this technology is appropriate for your organization.

Technological Risks

Social networks can be compared to mass gatherings of people in train stations or airports where it is easy to transfer the common cold. Quite similarly, computer viruses can be transmitted electronically through social gatherings online. Malware, Trojans and other types of spyware can be transmitted without the user’s knowledge.

Data Leakage Risks

There are three very important data leakage risks that corporations must be aware of before adopting social networking sites into the corporate culture. 

These risks include:
o Innocently posting personal information that can be used to commit identity theft, such as DOB; e-mail; job or marital status.
o Sharing corporate information, such as employee lists, department names, user names and passwords.
o Trusting an unknown person who could potentially be unsafe or misleading.
These risks can be segmented into three primary areas:  Policies & Awareness, Virus Protection and Content Filtering/Monitoring.

Policies & Awareness

Policies need to be developed to document the corporation’s position on social networks. Employees will assume that it is authorized without a corporate policy governing acceptable use of the technology.

Awareness training should include:
o How to register correctly and choose proper preferences
o Only establishing online relationships with appropriate people
o Specifying what information should never be discussed or shared in a social network environment.

Virus Protection

Utilization of a multi-layered, redundant approach to virus protection has prevented the malware risk from impacting corporations. 
It is necessary to ensure that your corporate virus protection is robust enough to protect against the increased exposure due to social networking.

Content Filtering & Monitoring

Another effective control protecting your company from the risks associated with social networking is the utilization of content filtering and monitoring technology.  Current technology allows for limiting access to these sites to only those users that may need those sites in order to perform their daily jobs.  Current data loss prevention software vendors provide the capability to identify incidences of posts of company information to external locations.

There are numerous risks that exist through the utilization of social networking, although, there are controls that can be put in place to mitigate risk so that corporate access is permitted.  The potential value of these networks justifies the effort and risks, but be prepared to perform a risk assessment to determine what is appropriate to your corporate environment and control capabilities.

Gary Cantrell was appointed vice president and chief information officer for Textron Information Services (TIS) in February 2006. His responsibilities include directing the day-to-day activities of TIS as well as managing TIS executive staff members and business unit CIOs. Cantrell oversees Textron’s Information Management Council. Prior to joining Textron, Cantrell held senior-level roles with Bank of America as senior vice president, Enterprise Access and Technology Services, and senior vice president, Supply Chain Management for Technology and Operations. Before joining Bank of America in 2001, he spent 15 years at Honeywell International where he held a variety of information systems, management, finance and engineering positions.  Cantrell earned a B.S. degree in management and finance from the University of Dayton and an M.B.A. from the University of Phoenix.


Gary Cantrell, VP & CIO, Textron Information Systems




COMMENTS
Add your comment
Name:* Company:
E-mail:*
(Your e-mail will be not published online. We will never sell your e-mail address to anyone)
Comment:
Remember my personal information
Notify me of follow-up comments?

Please enter the word you see in the image below:



RELATED ARTICLES

SPECIAL FEATURE
Recession survival: keeping your business afloat
The steps your business can take to fight the economic downturn.
EU MEMBER FOCUS
Belgium
OUR PARTNERS
PARTNER SERVICES
MOST POPULAR