Want to get your podcast sponsored and make more $ from it?
[even if it’s new or has low downloads!] Check out my free course!

Tell Me More!
No Thanks

Follow Lilach

How social media is affecting your business’ cybersecurity

We often think of social media as innocuous, it’s a leisure activity, and it is one that businesses can use to connect with their customers. Many organisations ask members of staff to run their own social media accounts. Others allow customers to use their personal social media on the same devices that they carry out work on.

However, these issues and others can lead to real problems for company cybersecurity. It is the case that social media profiles can provide hackers and cybercriminals with the chance to get easy access to a company’s systems. 

This could be a major problem, as any kind of cyberattack or data breach can cause enormous problems for a business. Here we take a look at how social media is affecting your business’ cybersecurity and what you can do about it. 

Unsecured devices

There is a huge issue surrounding social media in that many people use it on unsecured personal mobile devices. Additionally, there has been an exponential rise in the number of people using mobile devices for work purposes. When you combine these two issues, you’ve got a major cybersecurity problem.

If the mobile devices of workers can be hacked using their social media, this can give the cybercriminal a great deal of access to business data and information. 

This means it is essential that businesses take two steps. Firstly, if workers are going to use their personal devices to carry out work, they need to make sure that they are as secure as it is possible to be – utilise antivirus software and provide any kind of security possible. Additionally, they need to be given training to minimise the risk of them falling victim to scams. 

Reused passwords

One interesting element of social media’s effect on cybersecurity is the re-use of company passwords. Many businesses ask their employees to run business social media accounts – a social presence that is entirely work-based rather than personal. This can have a range of benefits for companies, but it does come with a potential security flaw. 

When staff are asked to create a social media account for work, they will often choose the same password that they use for their main work account, as it is easier for them to remember. The problem here is that with a work social media account, staff can sometimes be less careful than they would normally be with their personal account.

This makes them more susceptible to phishing attempts or other types of cybercrime. If a cybercriminal is able to gain knowledge of their social media password it can provide them with entry into the main business computer system, where they access data. 

A vulnerability that can’t be scanned

Staff using social media as a major part of their job can be a real cybersecurity challenge – not least because external social media sites cannot be monitored by your security team. Modern businesses make use of technologies such as security information and events management (SIEM) to track event information from devices and uncover potential cybersecurity risks. 

However, these technologies are only effective in systems that can be tracked. External social media sites effectively work as blindspots for these kinds of powerful security technologies.

This means that if you are going to have many members of staff using social media, it is important to factor this into your overall cybersecurity policy. The standard practice may not be enough to keep the company secure against risks emanating from social media. 

Gathering information 

We often think about cybercrime as something that happens as a single attack against a business system or an individual. But it is actually the case that these sorts of campaigns are drawn out over a period of time. They often involve reconnaissance and data gathering to make the actual attempted data breach easier. 

For example, if cybercriminals are able to breach the social media accounts of employees, it can give them the opportunity to covertly gain access to more information about colleagues and the company as a whole. Many social media accounts hide specific information if someone is not ‘friends’ or ‘connected’ with the account. 

This is why it is absolutely essential to provide staff with regular training on cybersecurity and help them to stay secure at all times – including with their personal social media accounts. 

Too much information!

Cyberattacks against small businesses are increasingly common. Indeed, 67% of businesses with fewer than 1,000 employees say that they have suffered a cyberattack. Unfortunately, it is often the case that staff often provide potential weaknesses and vulnerabilities that can be exploited. From a social media perspective, this can relate to simply making too much information available on their profiles. 

Think about how many security questions relate to personal information: your mother’s maiden name, your first school, your date of birth etc. Many people unknowingly make this information freely available on their social media accounts. 

This information can be learned and then used to take control of an employees account. This would leave a business extremely vulnerable, as there is very little that can be done against cybercriminals who have full access to a company account. 

How can your business minimise the risk?

Ultimately, if you want to minimise the risk of cybercrime that is instigated as a result of social media, there are a number of things that your business will need to do. First, and foremost, you must provide a high level of cybersecurity training to help staff understand the risks and how to deal with them. 

Additionally, you should make sure that staff know not to simply re-use the same passwords at work. It can also be valuable to put in place a policy that forces staff to change their passwords regularly. 

Of course, with personal social media accounts, companies cannot tell employees what they should or should not post – but simply offering details of the risks of making too much information available should help. 

Final thoughts

Social media can be an important part of your company’s marketing strategy and make it easier for you to build connections with customers. But it also comes with potential cybersecurity risks that can be easily overlooked. 

Follow Lilach

In this post:

Listen to the podcast today!

Listen Now

About Lilach Bullock

Hi, I’m Lilach, a serial entrepreneur! I’ve spent the last 2 decades starting, building, running, and selling businesses in a range of niches. I’ve also used all that knowledge to help hundreds of business owners level up and scale their businesses beyond their beliefs and expectations.

I’ve written content for authority publications like Forbes, Huffington Post, Inc, Twitter, Social Media Examiner and 100’s other publications and my proudest achievement, won a Global Women Champions Award for outstanding contributions and leadership in business.

My biggest passion is sharing knowledge and actionable information with other business owners. I created this website to share my favorite tools, resources, events, tips, and tricks with entrepreneurs, solopreneurs, small business owners, and startups. Digital marketing knowledge should be accessible to all, so browse through and feel free to get in touch if you can’t find what you’re looking for!

Learn More

Podcasts:

Blog Categories:

Popular Articles:

Hope you enjoyed this blog post!

If you want our team to grow your business with digital marketing, book a call.

Book a Call