For many people, sharing day-to-day on social networks has become an activity that is part of their daily lives, and that includes work life. Although this allows you to keep friends and acquaintances up to date with what you are doing, without the need to exchange messages, it also introduces various risks that could affect employers, colleagues or even the user himself. In the worst case, it could even put your job in jeopardy; for example, if a company policy is broken. ESET, a leading proactive threat detection company, shares cybersecurity tips for employees.
A recent survey revealed that the majority of small business owners are aware that their employees’ use of social media applications poses a security threat. However, according to ESET, with the right approach, there are ways employees can use social media without exposing themselves or their employers to unnecessary risk:
Know the policies of the company: As an employee, you probably want to promote the company and its benefits in order to boost your own profile as well as that of the brand. One of the fastest and best ways to do this is through social media. And, while you may be acting in good faith trying to promote the positive, you may cause harm, and even break some of the company’s internal rules.
If you want to post about your job or employer, the best way to do so is to review your company’s social media guidelines and policies. If there aren’t any or it’s not clear what can and cannot be done, the best option is to talk to someone in human resources who is up to date with all company policies.
Use apps on work devices, but with special care: Corporate devices are a mainstay of business life. While they are primarily used for work and allow colleagues to stay in touch, companies often allow them to be used for personal things as a benefit. However, that does not mean that you have a free hand to do with them what you want. It is important to remember that these devices are still monitored by company administrators and connected to the company network, so many of the activities can be reviewed. Related to this, social media is riddled with scams, so falling for a phishing campaign or clicking on a suspicious link can lead to company systems being compromised with ransomware, keylogger, or other malware.
For these devices, the company and administrators are largely responsible for their security. This means they need to institute cybersecurity best practices, implement the use of reputable security solutions, and have a proper strategy for installing updates. But that doesn’t mean you don’t have to do anything: devices must be updated and patched every time they ask to do so. And, in addition, you should be aware of the common scams that can be found on popular social media platforms such as Facebook or Instagram. Additionally, clicking on links to dubious sites that could compromise devices could, at best, lead to some negative stares or, at worst, get you fired.
Do not expose yourself too much: Much has been said about the overexposure of information on social networks, whether it is about one’s own personal life, or about the lives of the people around them, such as family, friends and even children. However, the same applies to professional life: by sharing information about work excessively, you are inadvertently putting yourself and your employer at risk. For example, sharing too many photos of a workplace can allow attackers to gain information from the environment and make it easier for them to attack the company’s physical defenses. Or, with personal data, adding too much information on social networks can make it easy for someone to impersonate a user and commit identity theft.
To mitigate most of the risks associated with overexposure, the easiest step is to limit and filter what is shared on social networks: do not share photos or information that reveals too much about you or your employer and their offices. Also, review your privacy settings on social networks: not everything you do needs to be shared with the general public, so limit it to people you know and trust. It is recommended to apply this advice throughout the entire online presence, not only in the workplace.
Don’t be sloppy with workspace photos: Photos in the office, whether it’s the home office or at work, tend to be popular on social media as people want to share how hard they work, or show how organized your workspace is. But these photos can be too revealing if certain precautions are not taken. The photo could contain a wide variety of sensitive information: you could have documents on your desktop that are the employer’s intellectual property or company secrets, a sticky note could have your login credentials, or your computer screen could reveal sensitive customer data, which could potentially run afoul of data regulation laws, which come with heavy penalties for the employer.
The simplest way to avoid these cases would be not to publish such photos of the desktop, or to have it carefully review the work desk and assess whether something that would be visible in the photo could represent a security risk.
“Navigating social media in the early 2020s can be tricky, especially with attackers getting more creative than ever with their scams and strategies to compromise devices with malware. And the stakes are even higher, as today Today people like to share all aspects of their day, including work-related tasks.This presents a threat vector that could be exploited by cybercriminals.However, mitigating the risks is not that difficult: you must remain be alert and have a healthy dose of suspicion when it comes to things you find on social media, be aware of your company policies, and follow the best cybersecurity practices taught by your IT department. the safe path, protected from most threats”, says Camilo Gutiérrez Amaya, Head of the ESET Latin America Research Laboratory.
