Education and good policies are the key to making sure social media is used in the right way, security professionals say.
Speaking at the Infosecurity Europe show in London , Steve Whittle, CTO of The Cobra Group of Companies said the key thing firms needed to get right around social media use was making sure policies were as “cast iron” as possible. It was all down to awareness and policy, he said.
The company used social media for recruitment purposes, and Whittle said it could be a good thing for many reasons. “We have people who use social media to tell everyone that they’re having a sick day… it’s brilliant in that respect because they don’t work for us anymore.”
Graham Taylor, the Head of IT Security at Michael Page International, said with Web 2.0 firms could control social media use “within the enterprise, but when somebody goes home and starts using their own PC or their own Smartphone, you’ve got no control over it at all”. The company’s approach was also to have robust policies, and awareness and education, he said.
Investec Bank CISO David Cripps said there had been a huge shift between Web 1.0 and Web 2.0 because now everyone was a publisher. He said he was “very nervous” when marketing people said they wanted everyone on Facebook and Twitter because what employees were doing online could have a “direct impact on our liability for their actions”.
Cripps said the company was doing awareness training about what was acceptable social media use.
Ministry of Defence Head of Information Security Adrian Price said social media was one of the “greatest morale boosters” for his workforce as it kept them in touch with friends and family. It was a good thing if used properly, he said.