Social media has taken on a prominent role in the business world very quickly, and some organizations are wondering how to address it properly. So we asked an expert: How important is social media security training, and what advice would you offer to help ensure the success of such training?
Social media security training is crucial to help protect your organization’s sensitive data, proprietary information, and trade secrets from being inadvertently disclosed on a social media feed, says James Pooley, author of Secrets: Managing Information Assets in the Age of Cyberespionage.
“The Internet, which spawned social media, has changed the way we work and communicate. That change has profound implications for a trade secret system that relies largely on human trust,” says Pooley.
“I’m not saying openness is inherently bad,” he adds. “Obviously, a certain amount is needed if we’re to collaborate for innovation. Yet there’s a dark side to the comfort level that’s evolved around all this sharing. Companies need to acknowledge the risks of social media and work to prevent leaks by improving their employees’ knowledge and good judgment.”
Employers need to be deliberate about their efforts to train employees on social media security because many are so accustomed to sharing details of their lives on social media platforms. “Making sure that social media doesn’t become a hole through which your company’s secrets leak is an especially challenging task, because you’re essentially asking employees to check their habits at the door,” he explains. “They’ll need to learn to operate based on a different set of standards that often contradict how they deal with information in their private lives.”
Don’t make the mistake of thinking that your work is done after educating new hires about your data protection policies during initial orientation, Pooley advises, noting that ongoing training is needed to help mitigate risks. “Keep in mind that the best training is continuous, careful, upbeat, and professional. And be sure to include everyone—not just key knowledge workers—in social media security training. That includes contractors, temporary employees, and interns.”
Pooley also recommends training employees to be on the lookout for social media scams. “Teaching employees to think twice before clicking can help secrets stay secret.”