Social Media’s Impact on Culture and Cybersecurity in the Workplace
Steven Bearak, CEO of IdentityForce argues that with the “always on” Millennials dominating workplaces social media has gained unprecedented importance as a mode of communication and promotion. Find out how this brings with it serious security concerns and what HR teams need to do to address this challenge.
Since 2016, Millennials, known as the “digital natives,” have been the largest generation in the American workforce. By 2025 they will comprise 75 percent of all workers. And, there’s no argument that Millennials are the early adopters of technology, while also being hungry to achieve the ultimate work-life balance. This combined with an exponential increase in machine learning tools and artificial intelligence (AI), continues to fuel improved work processes and influence the way we all communicate with each other.
As many of us haven’t had the dust settle yet from the Big Data transformation in the workplace, a recent Morgan Stanley survey showed that 48 percent of Chief Information Officers are now installing or testing AI and machine learning systems.
These technologies have had an immeasurable impact on the dynamics of hiring, building the corporate culture, and, in general, how we interact with each other. In today’s era of the Internet of Things (IoT) and Bring Your Own Device (BYOD), employees are “always on.” This goes hand-in-hand with the flexibility of work schedules and remote options, which are definitely a hot button for younger generations. It’s expected that, by 2020, 40 percent of the workforce will be freelancers, temps, or independent contractors.
Despite these efficiencies, work-life balance has become more difficult to achieve. According to Randstad’s Employee Engagement study, Millennials are the most inclined to remain connected to work during off hours and feel the most guilty about using vacation time. An EY study showed that nearly one-third of Millennials find managing their work, family, and personal responsibilities progressively more difficult than ever before. I expect this number to increase as rising professionals, including younger Millennials, enter managerial roles and start families of their own.
In Comes Social Media
Employees are using social media at home, at work, and on-the-go, across all their devices. Since maintaining personal connections and balancing demanding workloads is difficult nowadays, social networks have become one of the main communication channels people use as an outlet for preserving relationships and relieving stress.
The amount of time spent on social media varies by generation but still plays a significant impact in the vast majority of American adults’ day-to-day lives. Pew Research Center reports that 69 percent of adults use some type of social media. That number jumps to 88 percent of people aged 18 to 29, and 78 percent of those 30 to 49.
It’s not just individuals using social media, either. If we look back about four years ago, 88 percent of companies used social platforms for marketing purposes. Today, networks like Facebook, Instagram, and Twitter are essential for brands to remain relevant and attract talent.
**As social media has become so ingrained in our society, it’s also an extension of our business life and embedded into our corporate culture.** Many organizations encourage their employees to stay “socially” active and act as brand ambassadors. It’s interesting that more than half of U.S. employers have laid out policies to clearly set expectations while protecting their brand reputation. But, where in these policies do cyberthreats fit in?
Social & Cybersecurity
Social media has become just one of the endless data channels that cybercriminals are exploiting daily. Even technically-legal activities often involve the misuse of individuals’ Personally Identifiable Information (PII). I’m sure you’ve heard of the Facebook and Cambridge Analytica data scandal.
Any device that can connect to the Internet can be breached. Bring Your Own Device combined with employees’ social media usage has exposed company networks to a whole new threat. On July 4, 2018, popular third-party app, Timehop, disclosed a data breach that compromised all of its users’ email addresses and the phone numbers of 4.7 million people. This data can be used to execute large-scale phishing attacks meant to compromise a company’s network and systems.
All it takes is one mistake. An employee could click on a link that contains malware or accidentally disclose sensitive company information. Then the door is wide open for hackers, cybercriminals, and identity thieves.
Where HR Can Step In
Protecting company, customer, partner, and employee data should be top of mind for everyone in an organization – especially considering the average data breach costs companies in the U.S. $7.91 million. Human resources (alongside IT and InfoSec teams) can help lead the charge to guard against social media threats.
**Corporate social media guidelines often don’t explain network security implications, and many employees don’t know how to spot something suspicious.** That’s why it’s critical to implement continuous training workshops, and even email reminders, that go beyond reinforcing appropriate conduct online.
Employees should be educated on how to properly use privacy settings on their social profiles. Oversharing is one of the main ways hackers steal PII and sell it on the dark web.
I would also recommend encouraging your employees to use a password manager, so they are less vulnerable to account takeovers, imposter accounts, and data theft.
Additionally, many companies provide their employees with social media monitoring as part of a larger employee benefit – identity theft protection. This empowers them with visibility into any suspicious activity occurring on their (or their children’s) social media accounts.
As the channels and networks for data sharing continue to evolve and grow, so do the risks facing businesses. HR, IT, and InfoSec teams can work together and implement strong guidelines and security training on social media to help them identify and possibly even prevent future threats. By implementing proactive programs to protect your employees, you’re also protecting sensitive company and customer information. Don’t let minor personal privacy risks turn into major corporate scandals.
