Using Social Media at Work Safely

This page covers social media – as in visiting and using the common social networking sites – and the use of social media as a business tool.

Many of the risks associated with social networking / social media arise from having such a large and, in many cases, unknown group of people with whom you are interacting, and an effectively un-moderated forum.

The risks

  • Innocent disclosure of confidential information by yourself, colleagues, customers, friends or contacts.
  • Intentional disclosure of confidential information for a variety of motives including financial gain, fraud, compromised identity or reputational impact.
  • Being a victim of bullying, stalking, trolling or other forms of online abuse.
  • Being a perpetrator of bullying, stalking, trolling or other forms of online abuse.
  • Access to inappropriate content via links in posts or tweets.
  • Phishing emails allegedly from social networking sites, but actually encouraging you to visit fraudulent or inappropriate websites.
  • Colleagues, customers, suppliers, friends’ and other people’s posts or tweets encouraging you to link to fraudulent or inappropriate websites.
  • Fraudsters, identity thieves or hacktivists hacking into or hijacking your account or page.
  • Malware contained within message attachments or photographs.

Safe, sensible and responsible social networking / social media

Your organisation and its employees can avoid these risks and use social networking / social media safely by following a few sensible guidelines. Remember that following best practice guidelines for social networking / social media in the workplace are very similar to those in your private life.

  • Restrict access to company social media accounts to only those who need it and are trained to use them.
  • Set up and maintain an audit trail of who has access to what social media accounts, and immediately stop access to employees or contractors who leave the business.
  • If considering the use of apps to aggregate multiple Twitter, Facebook, LinkedIn and LinkedIn accounts, use only those that are relevant and needed, and restrict access as they are a popular target for hacking.
  • Be wary of publishing any identifying confidential information about your business, directors, employees or customers – either in your profile or in your posts / tweets.
  • Use strong passwords.
  • What goes online stays online. You and colleagues should consider carefully before publishing comments or pictures that might later cause difficulties, either to the business or third parties.
  • Monitor what other businesses and individuals post about you, or reply to your posts..
  • Learn how to use sites correctly. Use the privacy features to restrict others’ access to your profile. Be guarded about who you let join your network.
  • Ensure that you and colleagues are constantly on guard against phishing, vishing and other social engineering activity aimed at gleaning social media passwords.
  • Ensure you have effective and updated internet security software and firewall running before going online.
  • Be aware of the length of unproductive time that employees / colleagues spend on non-work related sites, to the extent of monitoring their online activity.