Group lists top five social media risks for businesses
Threats include malware, brand hijacking and losing control over information, says ISACA
Computerworld - As businesses increasingly try to figure out how to use social networking tools in the enterprise, an IT governance group has released a ranking of the top five risks social media poses to companies.
The study, which lists the biggest risks businesses need to prepare for when they are using social media, was released on Monday by ISACA, previously known as the Information Systems Audit and Control Association, a 43-year-old international organization that researches IT governance and control.
John Pironti, an ISACA Certification Committee member, noted that many business executives have considered some of the risks, but few have considered all of them.
"I think that the blinders have been on at a lot of enterprises," Pironti told Computerworld. "They're trying to figure out what to do about this. I think companies are as scared as they generally are with any new technology, like Wi-Fi and jump drives.
"They're taking a different attitude this time. They're not just turning it off but they're acknowledging that they just can't stop the use of it. They understand that it's going to be used, so how do they do it safely?" he said.
The top risks, which are laid out in an ISACA research paper, are viruses and malware, brand hijacking and lack of control over corporate content. Rounding out the top five are unrealistic expectations of customer service at "Internet-speed" and noncompliance with record management regulations.
Pironti said ISACA isn't warning companies not to use Web 2.0 tools or to not fully embrace social networking. However, he said they need to go into it with their eyes wide open to the risks as well as the benefits.
And he added that most of the risks stem from users not understanding how their own behavior could possibly impact the company. Pironti noted that it comes down to a need for organizations to educate users about how posting something could breach company security, hurt the company's image or even open the company up to being hit by malware.
"With social media, there are so many platforms and environments to learn," said Pironti. "What are the implications of what could happen? People don't think of the damage that could occur to an organization.
"They see it as a way to explore relationships with work people. We take some of the social out of their lives by asking people to work longer hours. They're looking for a balance -- to still have a relationship with friends and peers," Pironti said.
And since workers, either on their own or with a corporate blessing, will use social networking sites such as Facebook and Twitter, Pironti said they need to understand the line between social and business. They also need to have set corporate guidelines about what information can be shared what needs to stay inside corporate walls.
However, Pironti said company execs also need to be aware that workers are using social networking sites, and they need to have a hand in it to better protect themselves. Executives won't be aware of what is being said about a company unless someone is paying attention.
Sharon Gaudin covers the Internet and Web 2.0, emerging technologies, and desktop and laptop chips for Computerworld. Follow Sharon on Twitter at @sgaudin or subscribe to Sharon's RSS feed . Her e-mail address is firstname.lastname@example.org.
Read more about Privacy in Computerworld's Privacy Topic Center.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Is Your Big Data Solution Production-Ready? Read "Is Your Big Data Solution Production-Ready?" now, and discover best practices and actionable steps to implementing a production-ready big data solution.
- Pay-as-you-Grow Data Protection: IBM Tivoli's Full-featured Data Protection Suite for Small to Medium Businesses IBM Tivoli Storage Manager Suite for Unified Recovery gives small and medium businesses the opportunity to start out with only the individual solutions...
- Streamline Data Protection with IBM Tivoli Storage Manager Operations Center IBM Tivoli Storage Manager (TSM) has been an industry-standard data protection solution for two decades. But, where most competitors focus exclusively on Backup...
- Simplify and Consolidate Data Protection for Better Business Results Learn about IBM® Tivoli® Storage Manager Operations Center, which provides advanced visualization, built-in analytics and integrated workflow automation features that leapfrog traditional backup...
- Data Protection and Disaster Recovery with iSCSI and VMware Get this on demand webcast now
- Webinar: Building a Big Data solution that's production-ready Big data solutions are no longer just a nice-to-have. All Privacy White Papers | Webcasts