Malware Sneaking into Firms via Social Media

    Apr 26, 2016

    Social media is ubiquitous today, but despite billions of worldwide users, social media platforms are not as safe as they should be, Osterman Research has found.

    The Osterman survey, “Best Practices for Social Media Archiving and Security” found that although enterprise and consumer-centered social media platforms proliferate in organizations everywhere today, they remain a threat.

    According to the report, only 54% of organizations surveyed have a written policy governing the use of public social media networks, while just 51% have policies governing enterprise social media usage.

    This puts organizations at risk, as the survey found 82% of firms use Microsoft SharePoint for enterprise social purposes, while more than half of surveyed organizations use Facebook, Twitter, and LinkedIn. And so it makes sense that the survey found 18% of organizations have had malware enter their network through social media, while an additional 25% have had a malware attack of unknown origin.

    Michael Osterman, president of Osterman Research, told Legaltech News that this low percentage was “really not all that surprising” because IT tends to play catch-up with social media and other user-driven trends. However, he said he was surprised by social media’s use as a source of malware.

    Because malware can sneak into an organization through social media in many ways, securing the perimeter of social media communications is a critical part of a firm’s risk management strategy.

    “Organizations need to know how their employees are using social media for business communication to protect both the company and the employee,” said Ken Anderson, vice president of marketing at Smarsh, which sponsored the Osterman survey. “There are more inadvertent and malicious leaks of information these days, which can comprom

    The Osterman survey suggested organizations take three steps to securing their social media usage:

    1. Identify how and why social media is being used
    2. Implement appropriate, secure policies for everything from usage to archiving
    3. Actively monitor social media use for policy compliance and potential malware

    “Organizations should definitely establish these policies proactively, but many do not,” Osterman said. “Even in some financial services firms, which are governed by FINRA regulators that have been fairly aggressive in defining requirements for social media (dating back to 2010), many broker-dealers are not proactive in ensuring proper use of social media.”

    While there is a lot of risk when businesses don’t properly secure employees’ use of social media, organizations are optimistic. According to the survey, 66% of organizations hope to improve the problem of communication between departments and functions using social media, and 63% said they hope social media will enable greater collaboration overall. And, the research noted, social media can lead to faster decision-making capabilities, better customer service, and an improved corporate culture with greater connections.

    Check out these ARMA International resources on this topic:


    © 2017, ARMA International