What Are Your Employees Saying?

Social media threats can also originate internally. Disgruntled employees can post sensitive information to blogs, Twitter, or wikis, and cause irreparable damage. Does your corporate policy extend to employees accessing Facebook, Twitter, or other social media networks? (We discuss your full social media security policy in Chapter 6.) Can employees openly engage in transparent conversations with customers? If so, who monitors these interactions? Are you reviewing daily Facebook activity or Twitter digests, and are these monitored manually or through an automated solution?

What to Monitor

Key points to monitor in employee conversations include:

• Potential leaks of confidential information, proprietary information, or intellectual property
• Breaking acceptable use policies by posting inappropriate material
• Any employee social connections that may cause an HR violation, such as discussing company secrets in a public forum
• Employee sentiment about the company
• Employee conversations with customers and competitors
• Potential regulatory violations
• Inappropriate dissemination of customer information
• How employees discuss company products and services
• Dissemination of company security programs or processes that could allow attackers access to network resources
• Productivity loss
• Job search requests

Facebook is of particular concern when it comes to social media security. With over 600,000,000 users, many of whom check in daily, Facebook traffic is 500 percent greater than that of any other social network (according to a report by Palo Alto Networks, The Application Usage and Risk Report, October 2010). Although most Facebook usage is passive (checking messages, status updates, and so on), accounts and credentials can still be hijacked through URLs with embedded malware. These types of attacks “can help uncover corporate roles or answers to security questions,” according to the Application Usage and Risk Report (http://www.paloaltonetworks.com/researchcenter/2010/03/new-application-usage-and-risk-report-now-available/). This type of URL attack has been so prevalent that products like Bit.ly have changed how they shorten URLs. Twitter popularized URL shortening because of the limited number of characters per post. Bit.ly can turn a long URL into a much shorter one. Until recently, however, it hid the original URL, so you didn’t actually know the real link behind the shortened URL. Now when you click a Bit.ly short URL, a pop-up shows you the actual link before you go to the page, as shown in Figure 3-7 in TweetDeck (purchased by Twitter in May 2011). This is definitely a requirement for safe surfing.


Figure 3-7 Bit.ly now shows you the actual URL.

The behavior of your employees in the social space can also affect threat levels and increase security risks. Without a clear social media policy, a simple response can launch a tidal wave of attacks. This is what happened as a result of Nestlé’s response to users repurposing its logo online as a sign of protest. The company’s aggressive response to its Facebook fans and its accusations of intellectual property theft left many shocked and activated the wrath of hundreds more. The result: Nestlé was bombarded with thousands of logo variations and made global news over a relatively minor issue. Had the response been handled by a trained community manager, the issue could have been addressed more judiciously, and the outcome would have been more in line with the company’s original intentions. Instead, the response brought awareness to the protesters’ cause—propelling their issues onto the global stage and resulting in a tremendous negative impact on the Nestlé brand. If you look at the stock price chart during the period when the attack took place (shown in Figure 3-8), you see a drop in price. We can’t say for certain what this drop is attributable to, but all the negative reputation attacks may have contributed to the drop.


Figure 3-8 Nestlé stock price drops during brand attack.

Public relations nightmare aside, this incident undoubtedly created additional online security threats to the company’s social media profile as news spread beyond the realm of Facebook and into the wider online (hacker) populace. In addition, the incident gave Nestlé’s competitors an opportunity to capitalize on the issue and position themselves strategically against the company’s policies and operational practices.

Corporate social media missteps are made every day. However, under the global microscope of social media, these minor hiccups can quickly become major issues. The resulting damage can be measured in the disruption of productivity due to a change of focus, potential disruptions in the supply chain, loss of revenue, and a concurrent negative impact on the overall company image and bottom line.
