Social Network Security for Businesses: A Work Still In Progress

Social Networking at Work (Part III of III)

In our first post of our social networking at work series, we discussed how your business can benefit from social networking.  Our second article suggested several ways to ensure that your employees do not waste too much time using them. In this post, we would like to highlight the security concerns associated with social networking and suggest several ways to mitigate these serious threats.

Anytime your employees access an external communication channel outside your internal network, your company is exposed to potential security and legal threats. Webmail sites like Gmail and social networks like Facebook and Twitter are difficult to monitor and represent an unfettered entry point for viruses and other unwanted intrusions. It only takes one precarious download to infect a single computer or even worse, an entire network. Even with the best-in-breed anti-virus applications, security breaches can occur. The cost, time and lost productivity associated with repairing or replacing an infected computer or network can be astronomical.

In addition, it is difficult for IT administrators to capture messages sent through these channels. Consequently, any employee can willingly or inadvertently send confidential, proprietary, or inappropriate information with no record of the message being retained or reported. For some companies, the cost of an employee sharing information that should not be made public can carry heavy fines from government regulators and litigators. In particular, financial institutions subject to the Graham-Leach-Bliley Act and healthcare companies regulated by HIPAA have been fined millions of dollars and have faced expensive lawsuits. According to ACC & Serengeti, 34 percent of U.S. companies had email subpoenaed and 15 percent had gone to court over lawsuits triggered by employees’ inappropriate use of email alone. Social networks can surely compound this threat.

Email is a relatively secure channel

The arguments for restricting employee access to social networks are reminiscent of the same conversation over email that occurred nearly two decades ago. Email is now a cornerstone of business communication, but in the early days, it was looked upon with the same scrutiny that social networks face today. In response, many innovative companies (IronPort, BrightMail and LiveOffice to name a few) have developed technologies to make email safe and compliant for all business users. Today, most companies employ an email server appliance that not only prevents spam but also monitors, filters, and retains all corporate email. These technologies effectively prevent employees from downloading viruses and sending inappropriate messages.

Unfortunately, technology has not effectively solved the problem for social networks. Some companies are developing proxy servers to monitor employee’s use of social networks, but these solutions are new and unproven. For many companies, the only solution is to restrict access to all third-party communication sites.

Solve social media’s shortcomings now

NutshellMail has addressed this issue by transforming all incoming and outgoing social networking messages into email communications. NutshellMail works by sending recurring email digests of all your social networking activity and gives you the ability to reply to messages, share stories and update your status through email. Consequently, all messages sent or received through NutshellMail can be monitored and retained using the same security and compliance safeguards already employed for corporate email. NutshellMail may not be the only reliable solution, however, with tools like it, there is little reason for companies to block access to social networks and to miss out on the great benefits that social networking can offer.

We believe that social networking is and will continue to be an essential channel for business communications. Companies that choose to blindly close their eyes to these benefits will only hurt themselves in the long run. With a prudent approach, social networking can be great for business and can coexist with a healthy, productive, and secure work environment.

Mark Schmulen is CEO of NutshellMail (http://www.nutshellmail.com), the first social networking management tool that combines the best of the social web with the original killer app: email. The service lets you organize, customize, monitor, manage and interact with all your social networks (Facebook, Twitter, MySpace, LinkedIn, etc.) and extra email accounts from an interactive email dashboard delivered directly to your favorite inbox on a schedule that you choose. NutshellMail is part of the fbFund REV incubator program, a joint venture between Facebook, Founders Fund and Accel Partners to seed and incubate early stage companies. NutshellMail keeps you connected and saves you time.