SME survival guide: How to stop employees using social media at work
With five years and four months being the estimated average time that a person spends on social media in their lifetime, it’s no surprise business owners are seeing an increasing number of employees flicking onto their own profiles – when they really should be concentrating on work.
What many companies don’t realise though, is the detrimental effect social media in work time can have on staff productivity and – often overlooked – IT operations.
In fact, one in eight organisations has suffered security breaches because of a social-media-related cyber-attack!
But, it’s not really about stopping employees using social media altogether – no matter what, it will always be a core breaktime activity. It’s more about preventing them from using it in an uninformed and unsafe way.
Yes, the key to reducing the minutes staff spend checking their friends’ feeds and updating their statuses could help improve your IT security. But how? Ultimately, it’s down to two core factors… cyber-security education and awareness!
Outlining the bigger picture
When the thumbs – or mice – come out and start scrolling, this is often down to boredom or distraction, or a combination of the two. However, the truth is that with either of these things, there comes greater room for error and less attention to detail – which can impact IT and critical data.
Looking at social media on your phone – or desktop – during work hours may appear like a harmless act, but with the click of a mouse or the ill-timed tap of a button, important company data can be at risk of being compromised.
In fact, 80% of business leaders have expressed concern about the misuse of confidential information through social media – and this could be due to an account-hacking incident or negligence on an employee’s behalf.
Social cyber-awareness is crucial
It’s often presumed that everyone has heard about social media details being intercepted, but the reality is that not all people are digitally savvy. And, if your team don’t know about the cyber-dangers that are lurking on the web, then how can they be deterred from – or at least more mindful about – the risks associated with using social media in work time?
SME owners need to ensure their departments are clued-up on what cyber-attacks are and how they can affect a business – spanning data interception, viruses and GDPR, to name but a few areas.
Social media is designed to be a recreational communication tool, and because it’s a place to connect with friends and colleagues, this often makes people feel at ease. But, when humans feel content, that’s also when guards can come down and awareness levels dip.
For example, if your workforce post about your firm’s new product launch or internal workshop they attended – and their profile is public, without the recommended security settings – this factual information can be utilised as a ‘hook’ by hackers looking to send out phishing emails which look all-the-more genuine. This can then make individuals and organisations more susceptible to a data breach and potentially GDPR fines – which can have devastating consequences, not only in terms of brand image, but also financially too. Therefore, it’s crucial you take steps to protect your data!
It’s not just social media which can be impacted. If one of your team receives a phishing email at the same time as they’re looking through their personal feeds, they’re arguably in a more ‘social’ frame-of-mind. This could mean the likelihood of them opening an email attachment from an unknown sender is much higher, as they aren’t as on-the-ball and suspicious as when their attention is fully dedicated to work-related tasks.
It all boils down to staff knowing about the hacking risks out there – and the privacy settings available on social media channels – as well as providing guidance relating to the kind of information they should and shouldn’t be sharing, from a workplace perspective.
From malware-ridden surveys to phishing messages on Facebook chat, there has been many a cyber-attack carried out via these digital platforms. So, the same rules apply to when spotting a suspicious-looking email – employees should be eagle-eyed and cautious when it comes to odd links or seemingly too-good-to-be-true offers which require urgent inputting of personal details.
If they’re conscious that scams like this exist, staff may be less likely to use it in work time, and definitely be more mindful when it comes to what information they post and to whom.
In-house social media
What if social media is a big part of your day-to-day business though? For some SMEs, employees have access to the company social media accounts too, so it’s critical that if staff go on these channels, personal and corporate account information is kept separate.
This isn’t only to prevent any unfortunate post mix-ups – confusing personal and corporate identities – but also to counteract the risk of passwords being leaked or intercepted by cyber-criminals, especially if using non-secure devices. Also, the number of employees you have accessing the work profiles should always be kept to a minimum, and logins updated, or access revoked if there’s a change in personnel.
Developing a clear social media best practice guide – which works in tandem with a robust cyber-security strategy – can help. It will encourage employees to stay within the realm of what information is acceptable to post online – outlining who has access, password guidelines and advice on cyber-threats to look out for. If in doubt, it may also be worth looking into cyber-security-related training courses too!
Hopefully, you can now see the link between how education regarding social media safety is intrinsically linked with cyber-security awareness. So, like we said at the start, it’s not really a matter of getting your employees to stop using social media at work, rather eradicate them using it in a way that compromises safe IT operations.
To find out more about Q2Q’s secure cyber-security services, feel free to contact our friendly team of experts!
