How social media use has blurred the line between business and pleasure and what it means for your business.
Do you know if your employees are using LinkedIn with their business email addresses?
A lot of stories focus on how to avoid risking personal reputation on social media platforms, but what does it mean for your business? I think a more important reason to make sure your team is keeping business and pleasure separate (especially when it comes to social media!) is the increased cyber threat your business faces when credentials from social media are compromised.
Nowadays, we see database leaks day in and day out. Stolen records are shuffled about—sometimes sold to the highest bidder—and we’re all getting so desensitized that cybercrime has lost its urgency among us as business leaders. Granted, credential compromise is not a new topic, but when a business’ credentials have been compromised, users are often to blame (most unsuspectingly). And social media doesn’t help matters!
Just think about some of the latest hacks on LinkedIn—117 million users’ data compromised. What if one of your team members’ data was taken and they used the same password on LinkedIn as they did for ALL of their logins at your office? What if they had access to sensitive data—health, credit card, social security numbers—you name it! And what if the hackers started getting into your system by using these credentials? Susie did change her password on LinkedIn (because LinkedIn told her to!), but she forgot to connect the dots: she had the same password on your business networks. Like it or not, employees reuse their passwords for personal use more often than you’d expect—nearly 43% of users have reused business passwords elsewhere!
Could you afford everything that comes with a hack or virus attack?
Employees who reuse even their corporate email password for personal login credentials could put their employers at risk—account takeovers, phishing attempts (from inside the system!) or even extortion!
And I’m not just making up stories here! This year, OurMine Team, a hacking group, compromised business credentials of employees by stealing them from social media platforms like Twitter and LinkedIn. Several organizations also reported Dropbox leaks that stemmed from users having shared social media passwords.
So, what can you do to protect your business, your staff and your data?
Set policies: Do not permit external services to be associated with corporate email accounts. Monitor external services.
Monitor activity: Vigilantly look for credential data dumps and determine whether your users have been affected. Import compromised user data and look for suspicious activity.
Educate your team: Teach your team members best practices for easily remembered passwords. Engage your team with the most current security training and promote password management solutions.
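To make the "Monitor activity" step concrete, here is an added example (not from the original article) that imports a credential dump and sorts your users into "password still reused at work", "address exposed" and "address not in our directory". It assumes the dump is plaintext `email:password` lines and that corporate passwords are stored as salted PBKDF2 hashes; the domain, names and sample data are constructed.

```python
import hashlib
import hmac
import os

CORP_DOMAIN = "example.com"  # assumption: placeholder corporate mail domain

def hash_password(password, salt, iterations=100_000):
    # Assumed storage scheme for this sketch: salted PBKDF2-HMAC-SHA256.
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)

def parse_dump(lines):
    """Yield (email, password) from 'email:password' lines; skip malformed ones."""
    for line in lines:
        email, sep, password = line.strip().partition(":")
        email = email.strip().lower()
        if sep and password and email.count("@") == 1:
            yield email, password

def triage(dump_lines, directory, domain=CORP_DOMAIN):
    """Map each corporate address in the dump to reused / exposed / unknown-account."""
    findings = {}
    for email, leaked in parse_dump(dump_lines):
        if not email.endswith("@" + domain):
            continue  # personal addresses are out of scope
        record = directory.get(email)
        if record is None:
            findings.setdefault(email, "unknown-account")  # not in our directory
            continue
        salt, stored = record
        if hmac.compare_digest(hash_password(leaked, salt), stored):
            findings[email] = "reused"  # leaked password still works here
        else:
            findings.setdefault(email, "exposed")  # never downgrades "reused"
    return findings

def _record(password):
    salt = os.urandom(16)
    return salt, hash_password(password, salt)

# Constructed sample data, not taken from any real leak.
SAMPLE_DIRECTORY = {"susie@example.com": _record("Summer2016!"),
                    "bob@example.com": _record("correct horse battery staple")}
SAMPLE_DUMP = ["susie@example.com:Summer2016!", "bob@example.com:oldpassword1",
               "someone@gmail.com:hunter2", "former.employee@example.com:abc123",
               "line without a separator"]

if __name__ == "__main__":
    for email, finding in sorted(triage(SAMPLE_DUMP, SAMPLE_DIRECTORY).items()):
        print(f"{finding:16} {email}")
```

A "reused" finding calls for an immediate forced reset and a review of that account's recent logins; "exposed" shows a corporate address was registered on an external service, which is what the policy step is meant to prevent.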
If you’re a DE customer, we have education training and monitoring already in place (please contact us with any questions!). If your current IT solution doesn’t keep your team up to speed with the latest hacks and backdoors into your system, contact us TODAY for a network assessment. Because healthy, secure networks cannot be taken for granted!