Time to review your security policy
Posted by Karen on Jun 2, 2011 12:00:00 AM
We all know that social media is rapidly changing the way we live, work and play. In business, its power to interact with clients and prospects in a live, dynamic and more “off the cuff” manner is being embraced by everyone from the vibrant tech start up’s in Hoxton to your more traditional accountancy and legal firms. Social Media is fast replacing traditional means of corporate communication. At the launch of Facebook’s new messaging service last December, Mark Zuckerberg predicted email would “go the way of the letter because it was too slow and too formal” and there is no short of commentators on the web hailing the ‘beginning of the end of email’. Whether these obituaries are premature or not, we’re certainly witnessing a change in the way we communicate as a business, even with the use of email itself – as Mimecast shed light on last month -when revealing that 85% of 25 year olds and under sent work related emails from personal accounts. Indivisible from one another, how we work and how we communicate is subject to increasing flexibility, we’re both breaking free from the confines of our offices to work from wherever, whenever and shedding the formalised structures and templates letters and emails have shackled us with in the past. But this freedom comes with its caveats, and for our clients in IT positions it’s likely to cause some security headaches. The threats posed by home and mobile users contaminating company networks with the latest malicious viruses, is well documented, as are the ways to protect yourself i.e. using secure private networks or setting up VPN gateways. However, if users are sending company data from personal emails accounts then those measures are undermined and sensitive corporate information is compromised. Add social media sites into the mix-many of which are a fertile breeding ground for malware, spam and other such menace and network security can start to look vulnerable. How to protect oneself is as much about having a sensible policy and educating staff as it is about technology. What company information is being made public on these sites? Might it compromise an organisations intellectual property, reputation or offer a bread crumbed trail into an organisations network? What devices are people sending information from (these days could be anything from a home PC to a tablet or a smart phone) and how well protected are they? If you can’t answer these sort of questions unequivocally - it might be time to review your security policy.