A SMART Guide to Managing Social Media Risks

Social media is here to stay and the numbers are growing. According to industry statistics, there are 2.2 billion active Facebook users and 500 million users on LinkedIn. On average, 50% of Facebook users log into their accounts on a daily basis. Of the active users, 900 million access Facebook using mobile devices. These mobile device users are twice as active as non-mobile users.

Your organization's staff are most likely users of social media services. This can put your systems at risk when a user logged on to your network uses a browser to access social media sites. If the workstation gets infected by social media malware, it can be used to launch higher-level attacks against the internal network. Malware can also lead to information disclosure and a loss of data integrity.

While some organizations attempt to manage social media risks by blocking access to these sites, security managers know that there are legitimate business needs: a sales department needs to post information about a new product or service, management uses LinkedIn for business and professional networking, etc.

Instead of blocking all access to social media sites, Altius IT recommends a five-step SMART approach to managing social media risks.

SMART Guide

Altius IT's SMART guide is a five-step approach to managing social media risks.

Security - implement security from the top down. Desktop systems and mobile devices should have protection against malware and other related threats. Segment your network to minimize disruption should a user's workstation be compromised.

Monitor - track user activity and sites visited. If a user's workstation becomes compromised after visiting a social media site, record the event and use the information to prevent other users from being infected.

Administer - with over 150 major social media sites, your users are at risk. Research and identify sites that contain malware. Restrict and limit access to these sites.

Reporting - report user activity. Know the social media sites used by your staff and ensure that there is a legitimate business reason for accessing such sites.

Training - educate your users about social media risks. Teach your users not to click on HTML links on social media web sites. Users of social media sites should have passwords that are long and complex.

Resources

For more information on managing social media risks, please see our Blog post Social Engineering and Social Networking - Your Users are a Target.

Network security audits help ensure the organization's assets have the proper security controls in place. Social engineering security assessments help protect your sensitive data and intellectual property by evaluating and testing the effectiveness of your employee security education and awareness training. Formal and documented policies ensure a top down approach to managing social media related risks.
