It is impossible and illegal to stop employees from using social networking sites 24/7 and even if it were legal it wouldn’t be a good idea as it could easily alienate your employees. The best course of action is to educate your employees about the best way to stay safe on social networks. Below is a list of the top 10 security precautions an employee should keep in mind when using social networks.
- Never use the same passwords that you use at work on a social networking site.
- Limit usage of social networking sites to personal use only. Do not write about work issues. Always assume everyone in the world will be able to see what you’re writing even if the site limits your post to your friends exclusively. And remember that the internet never forgets, especially with things like screenshots.
- Try to avoid mentioning where you work; so that if you mention something you thought innocent (but that might be valuable information for hackers) they will not know who to target.
- Be wary of what you’re posting, if you use your pet’s name as a password anywhere do not post about it on your social networking sites naming it.
- Do not log on to your social network page from public computers where someone might have installed a key logger and would later get access to your credentials. The same goes for unsecured WiFi networks.
- Do not automatically trust that posts are from who they claim they are; if your workmate sends you a private message asking for some confidential information first verify that he/she did really send you that message as their account might have been compromised.
- Do not send confidential information through a social networking site even if someone who has legitimate access to that information asks you to. See point number 2.
- Beware of what links you click and what software you download and install. Do not trust links/software sent by your friends implicitly as they themselves might not be aware it includes malware or their account might have been compromised.
- Always be sceptical and wary. If someone asks to be friends on a social networking site and the profile appears to match a work mate, check personally with that person before accepting him as he could be an imposter. Also be sceptical of any offers or prizes you might have been told you won, they might actually be phishing attacks. Read about how fake LinkedIn recruiter profiles where used to phish job seekers.
- Ensure your computer is up to date and has good antivirus protection; social networking sites are frequent targets of malware attacks.
Finally, as a sysadmin, you might want to get some help from solutions such as GFI WebMonitor which can help monitor and control web activity, and secure web browsing. It helps create a happy balance of letting employees enjoy social media without impacting network resources or productivity. Download your 30 day free trial here.
If you have any more tips which are not mentioned above feel free to share them by leaving a comment below.
This post was originally published some time ago but has been recently updated to reflect the ever changing social media landscape.