As more and more people go online to create profiles, share photos, news and gossip with friends and spend hours updating their details and friend lists, organizations are starting to reassess their approach to social networking in the workplace.

What makes social networking on the Internet so popular is the power it gives individuals to create, maintain and expand any number of networks to include family, close friends and people who share a similar interest, profession or hobby.

When used properly and with discretion, social networking can be a valuable resource for businesses looking to expand their visibility or for employees who need to communicate with colleagues. In most cases, its also a free service.

It is not uncommon for businesses to use social networking sites to carry out initial background checks on new recruits and a discreet way to check on what their employees are doing and saying in the public domain.

To ban or not to ban? A recent University of Melbourne study showed that people who use the internet for personal reasons at work are about 9% more productive than those who do not. However, the study fails to factor in a very important element: security. Every action, every minute spent online (and on social networking sites) may expose an organization to numerous security threats. While the subject of productivity increase is debatable, the security issues are not — they are all too real.

Where does that leave businesses?

They have three options.

1. Ban access to social networking sites (and access to Internet as well).

2. Set limits and restrictions on their use

3. Allow unmonitored access

Banning access to social networking sites may be an optimal solution for some organizations, and one can see banks and government departments particularly keen on keeping the status quo. However, many smaller organizations may feel that taking a heavy handed approach could be counterproductive, indicate a lack of trust in employees (probably justified to an extent) and is too restrictive.

On the other hand, you certainly do not want to give unfettered access to social networking sites; for reasons that will be explained further on. The best option may be to allow access to social networking sites while imposing limits (when these can be used and by whom). Regardless of which option an organization may choose, they must ensure that the basic safeguards are in place:

* up-to-date anti-virus software

* a firewall and the ability to monitor the use of the internet in general

* ability to monitor social networking sites in particular.

The CONCERNS

What is important to note is that social networking sites (e.g. FaceBook) as applications are not a problem per se for organizations. It is the people who use them that are a cause for concern. Social networkers, if one can call them so, are the root of five problems.

PRODUCTIVITY

One reason why organizations are keen on banning social networking in the workplace is the fact that employees spend a great deal of time updating their profiles and sites throughout the day. If every employee in a 100-strong workforce spent 30 minutes on a social networking site every day, that would work out to a loss of 13,000 hours of productivity in one year! Although this may be a generalization, organizations do look very carefully at productivity issues and it goes without saying that 50 hours of non-productive work a day does not go down well with management. When you factor in the average wage per hour you get a better (and decisive) picture.

There is also an effect on company morale. Employees will not appreciate colleagues spending hours on social networking sites (and others) while they are working hard to clear the workload. The impact is greater if no action is taken against the abusers.

RESOURCES

Although updates from sites like FaceBook or LinkedIn may not take up huge amounts of bandwidth, the availability of (bandwidth hungry) video links posted on these sites (or links taking users to sites like YouTube) creates problems for IT administrators. There is a cost to internet browsing, especially where high levels of bandwidth are required.

VIRUSES AND MALWARE

This threat is often overlooked by organizations. Hackers are attracted to social networking sites because they see the potential to commit fraud and launch spam and malware attacks. There are over 50,000 applications available for FaceBook (according to the company) and while FaceBook may make every effort to provide protection against malware, these third-party applications may not all be safe. Some have the potential to be used to infect computers with malicious code which in turn is can be used to collect data from that users site. Messaging on social networking sites is also a concern and the Koobface worm is but one example of how messages are used to spread malicious code and worms. A worm infection is the last thing an administrator wants to have to deal with!

SOCIAL ENGINEERING

This can result in data or identity theft. Social engineering is becoming a fine art and more and more people are falling victim to online scams that seem genuine. Users may be convinced to give personal details such as social security numbers, employment details and so on. By collecting such information, data theft becomes a serious risk. On the other hand, people have a habit of posting details in their social networking profiles that beggars belief. While they would never disclose certain information when meeting someone for the first time, they see nothing wrong with posting it online for all to see on their profile, personal blog or other social networking site account. This data can often be mined by cybercriminals.

REPUTATION AND LEGAL LIABILITY

Although there have been no major corporate lawsuits involving evidence from social networking sites, organizations need to be observant for employees who may be commenting publicly and talking about their employer. For example, one young employee wrote on her profile that her job was boring and soon received her marching orders from her boss. What if a disgruntled employee decided to complain about a product or the companys inefficiencies in his or her profile? The legal implications and the damage to the organizations reputation could both be substantial.

 

Striking a balance What is worrying about social networking sites is that they encourage people to give as much information about themselves as possible. Even the most prudent and well-meaning individuals can give away information they should not. At the same time, nearly everyone today (even senior managers) have their own online profile on a social networking site and like the idea that they can keep in touch with contacts and friends via that interface.

If you are going to allow access to social networking sites there are some basic tips suggested:

1. Restrict access. Give employees a breather and allow them to access social networking sites during their lunch break, before and after office hours. Web filtering software gives administrators the ability to implement time-based access to these and other sites.

2. Educate and train staff. This is very important. Most employees are not aware how their actions online can cause security issues for the organization. Tell them in a language they understand how a simple click on a link they receive or an application they download can result in malware infecting their machine and the network. Additionally, tell them not to click on suspicious links and to pay attention when giving out personal details online. Just because employees are clever enough to have an online profile does not mean they are technically-savvy or that they have a high level of security awareness.

3. Set security and usage policies. Have all employees sign any policies related to the use of the internet at work, access to social networking sites and what they are allowed to say or do during office hours. Monitoring of all web activity is important and employees should be aware that their actions are being recorded and that failure to adhere to company policy can result in disciplinary action and/or dismissal.

ENTIRE ARTICLE (Click Here)

David Kelleher is communications and research analyst at GFI.

Popularity: 100% [?]