By Greg Griessel, Consulting Systems Engineer, Security Solutions, Cisco, South Africa.
The Cisco 2015 Annual Security Report found that blocking access to social media sites in the workplace may put organisations at greater risk than if users were allowed to browse these sites via company networks â and it may be counter-intuitive to productivity and innovation.
The majority of big brands in South Africa incorporate social media into their marketing initiatives. According to World Wide Worxâs South African Social Media Landscape 2014 report, 93% of major brands use Facebook and 79% use Twitter. Some 91% of the surveyâs respondents agreed that social media has the potential for building a business.
These figures are likely to increase following the launch of Facebook at Work, a version of the social networking platform designed for use within companies that hopes to grab market share from other workplace communication and collaboration tools.
Our report found that industries that encourage the use of new media for competition or innovation purposes are likely to encounter more malware attacks. This is because cybercriminals are increasingly relying on users to install malware and expose security loopholes within organisations through careless browsing habits.
Yet, by blocking access to social media, security teams may lack the knowledge or experience of threats that still exist outside their networks. Take the growing geopolitical landscape as an example. The emergence of transnational terrorist groups such as ISIS is concerning because they rely heavily on social media to recruit members.
Rock and a hard place
Blocking social media only gives the illusion of tighter, more impenetrable security defences. When users are not aware why such policies are in place, they may bypass security â for example, by accessing the network through their own devices to browse social media. Also, by installing stricter controls, IT teams may be inadvertently impeding how users do their jobs.
The arguments that social media may stifle productivity are valid. On the flip side, it doesnât really make sense to pass up an opportunity to engage with staff on social media â especially if the business is using these platforms to communicate with its audience. Through social networking, staff could become brand ambassadors in their own right and sharing ideas and collaborating with others could actually boost productivity and morale.
To block or not to block?
There were 9.4 million Facebook users in South Africa last year, up from 6.8 million in 2013. Twitter saw the highest percentage growth of all social media platforms during this period â increasing 129% from 24 million users to 55 million. This increasing connectivity, coupled with our predictions that 50 billion devices will be connected to the Internet by 2020, is making it harder for businesses to justify blocking access.
The Cisco Security Manifesto outlines basic principles for achieving real-world security, stressing the importance of network visibility, transparency, education and usability.
Rather than imposing a blanket ban on social media, security teams should educate users on why certain security controls are in place and explain that they play a vital role in helping to keep the organisation secure. By implementing clear, easy to understand policies, users will be equipped with the knowledge they need to achieve their goals without bypassing security. These policies should provide clear recommendations and appropriate resources for timely assistance and should make users aware of the potential impact of flouting security rules.
When people, process and technology come together to defend against todayâs threats, thereâs no reason why businesses and their staff canât be part of the social network conversation.
Cisco (NASDAQ: CSCO) is the worldwide leader in IT that helps companies seize the opportunities of tomorrow by proving that amazing things can happen when you connect the previously unconnected. For ongoing news, please go to http://thenetwork.cisco.com.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company.