Social Networking at Work: Fear Not Facebook, MySpace and Bebo?
Facebook, LinkedIn and other social networking sites have potential for commercial use but to what extent should businesses allow social networking at work? What are the security risks?
Tue, February 17, 2009
CIO — Millions of people have a personal online profile; they share photos, news and gossip with friends, spend hours updating their details and adding new friends. Welcome to social networking and the world of Facebook, MySpace and Bebo.
What makes social networking on the Internet so popular is the power it gives individuals to create, maintain and expand any number of networks to include family, close friends and people who share a similar interest, profession or hobby.
The growing popularity of Facebook, for example, has encouraged corporate marketing teams to explore the opportunities to be had by having a corporate profile; using their employees contacts for sales and marketing, effectively creating a snowball effect as the corporate message is passed from one network to another. These sites give them a direct route to targeted groups of individuals with similar interests and, most importantly, it's free.
There is no doubt that Facebook and other social networking sites have potential for commercial use but to what extent should organizations or businesses allow social networking at work? What are the concerns? Should employees have access to Facebook, LinkedIn and other social networking sites when they are supposed to be working?
Social networking sites are the root of four problems.
Loss of productivity: According to a study by information security consultancy Global Secure Systems and the organizers of the Infosecurity Europe trade show, the use of such sites is costing U.K. business an estimated $12.5 billion per year in terms of reduced output. Another study showed that employees spend at least 30 minutes a day visiting these sites with some employees spending up to three hours of their working day taking care of their online profile.
Impact on network resources as bandwidth is consumed: In smaller organizations, unnecessary browsing, uploading to and downloading of files from social networking sites can eat up bandwidth thus affecting network resources.
Social engineering and phishing: This can result in data or identity theft. Most people would not divulge certain details to strangers but it is amazing what data can be gleaned from social networking sites—personal e-mail addresses and even social security numbers!
Sites are attractive to hackers and spammers: Social networking sites are attracting hackers armed with malware of all kinds: spyware, viruses and online scams. Hundreds of applications being developed for these sites are used as launch pads of malware such as Trojans.
What can businesses do?
There are three options.
- Ban access to social networking sites (in an extreme case—block all Internet connectivity).
- Allow employees unrestricted access, confident that they will only use it during their lunch break and they will not download material on to the network.
- Monitor and limit staff access to these types of sites, including general Internet browsing and downloading.