What your employees do and say online, or how they use digital devices, can make them and your organisation vulnerable to security threats.
Some of the security vulnerabilities can be obvious, such as posting or sharing confidential organisational information that puts staff, processes or assets at risk. Others may be less so, such as search engines storing search history or smart phones logging data which can be exploited by those with malicious intent.
Introduce staff education and training to promote safe and secure practices when using online social media to raise awareness of the risks involved.
- Does your organisation have a ‘use of social media’ policy for staff (including contractors and suppliers)? Who is responsible for ensuring that staff adhere to the policy?
- Is your social media policy widely communicated across the organisation?
- Are staff made aware of the risks posed to your organisation from non-adherence to your rules social media?
- How are social media breaches managed?
Guidance to help your organisation address these questions is available via the links below:
- Online social networking - guidance and information on online behaviour
- Employee Digital Footprint - campaign materials to help employees manage their digital footprint and activities
- Workplace Behaviours campaign - how to encourage employees to think in a security-conscious way
