How to Keep Employee Social Media Posts to avoid company risk

Your newest hire is so excited about working for your company. But keep employee posts to avoid company risk as they post a series of photos taken on their first day and say how great it is.

What’s the harm in that, right? How to Keep Employee Social Media Posts to avoid company risk? But that social sharing could be leaving your company vulnerable to phishing and social phishing attacks.

Robberies, or worse.  Sharing our lives in photos and posts on social media has become second nature for many. Especially Millennials and Generation Z.

who’ve grown up never knowing a world without the internet. But the online criminal can get more information from your posts.

How to Keep Employee Social Media Posts from Putting Your Company at Risk

 

There are over 300 million photos uploaded to Facebook every day.

While companies tend to focus on software and managed IT security when it comes to their data security. They often miss some of the more human caused elements of data breaches. 

Oversharing details about the inner workings of your company or photos that show computer screens in the background.

Are often just the thing that hackers lurking on hashtags like #MyFirstDay, #Intern, or #LoveMyJob are looking for.

Related: Laptop Drive Encryption can Stop Thieves in Their Tracks

Just one personal detail about a company, such as the time and date of an upcoming company picnic. Can allow a cyber attacker to craft a very realistic phishing email asking employees to click a link to pick their favorite side dish.

Or get directions to the picnic sent to their phone.  The more real details sprinkled into a nefarious phishing email.

The more likely it will be to trick an employee into downloading malware onto their device that can attack the entire company network.

Examples of Social Sharing that Can Be Used Against Your Company

Phishing attacks grew by 40.9% in 2018. And they continue to be the number one delivery method of malware like ransomware and spyware.

But that’s not the only threat from employee oversharing on social media while at work. Here are some of the scenarios that can happen to put your company’s security in danger.

Posting Photos with Computer Screens in the Background

Someone taking a selfie at their desk. Might not notice that a colleague’s computer screen in the background has a patient’s medical record. Or a customer’s account displayed on the screen.

Posting that information for the world to see can result in a serious violation of HIPAA or another data privacy policy. Meaning fines and reputation repair for your business.

Exposing Company Secrets

While it’s great to be excited about a new company product you got to see in R&D. Posting a photo that contains any sensitive information about it leaves a company open to theft of a company secret by a competitor or reveal a trade secret.

For example, in October of 2019 a Panera Bread employee posted a trade secret about the restaurant’s Macaroni.

And Cheese recipe on the social media site TikTok (exposing that it was frozen). Which not only resulted in the employee to be fired but also embarrassment for Panera.

Showing the Layout of the Building

How fun to show a tour of your new workplace on Facebook live! But unfortunately. That video stream may also be showing potential thieves the layout of your building and where the most valuable items are kept.

Complaining About Your Company or Colleagues

Not all employees are sharing happily on social media about their jobs. Employees that are letting off steam can give ammunition to a social phishing scammer.

That pretends to know just how they feel and feed into their discontent. This can lead to them gaining the type of trust that can trick an employee into downloading a virus or other malware.

Taking a Photo of Your New ID Card

It’s not unusual for an employee to be proud to be issued their first employee ID card. And something managers are typically glad to see. But taking a photo of you proudly wearing.

That ID card could give a criminal a high enough resolution image to make a fake badge. They can then use to gain unauthorized access into the building.

Providing Insider Information about a Public Company

Not all employees know what information can and cannot be shared openly about a public company.

If they accidentally share news before it’s been officially announced that can impact the stock price. That could be a serious problem for a company that leads them afoul with the SEC.

Tips for Safe Social Sharing at Work

Not all social media posting about a company by its employees is dangerous. In fact, many companies encourage social sharing because it can boost a company’s presence helping sales and attracting great talent.

It’s just important to have a policy in place that lays out the Dos and Don’ts of proper social media posting at work. And gives guidelines on social sharing.

Here are some tips on guidelines you can use to strengthen social sharing security:

  • You can take photos near designated areas in the office.
  • Any photos of clients or their places of business need approval before posted.
  • Don’t allow mobile phones into sensitive areas of the building
  • Let new hires and existing employees know the dangers of sharing company information
  • Add a social media monitoring component to your cybersecurity plan
  • Conduct regular staff training in phishing and social phishing attacks
  • Find an anti-phishing app that protects against malicious links. And attachments shared in direct messages over social media
  • Create a manual specifically for social media that lets staff know what your company policies are

Does Your Cybersecurity Strategy Include Social Media?

The ways we receive and share information have gone through a major change in the last 15-20 years.

If you haven’t yet put into place safeguards for social media sharing. Or mobile device management at your business. RCOR can help!

We’ll ensure you have a plan in place that anticipates. Protects you against the threats that come as technology. And communication continue to evolve.

Let’s do a complimentary security audit. Request yours online or call 919-313-9355 today.