How personal social media use can become a corporate problem

Most of us use social media to keep in touch with friends, read interesting content or share photos, but we also know it comes with risk. How private our data really is and whether or not “they” are listening is constantly in the news, but do you know the risks of personal social media use to your business?

In Techworld’s recent article summarising some of the most infamous data breaches in the UK, Facebook, Google+ and Reddit are all featured. Even though your staff may be using social media in their private time, the associated risks could lead to problems for your organisation.

Why your employee’s social media use is an information security risk


Many people don’t think twice before sharing something about themselves, but staff should take a moment to consider the repercussions of their posts or whether the content of a post is meant for public consumption.

Does a photo taken at work reveal something confidential in the background? Are the thoughts or interests being shared aligned with company values? There are abundant examples of people’s tweets coming back to haunt them years later.

Staff should also be careful not to include too much personal information on social media profiles. In addition to their name and date of birth being on their profile, location tags may reveal addresses, and even who clients are. Employees may think nothing of revealing they are on-site with a client, but the client may not appreciate this information being made public.

Staff should be educated about the possible consequences of sharing their activities or location.


Malicious attackers often set up scams using social media, deliberately preying on naive users and luring them in with something attractive. False investment opportunities, lotteries and online romances are often used to pique a victim’s interest, before tricking them into clicking malicious links. If the victim is using a company device at the time, such scams can be used to gain access to company information or to install malware.

Teach staff that if something looks too good to be true, it probably is.

Mitigate social media risk

It is possible to prevent such incidents from occurring. By educating staff members on the dangers of social media, your company assets (including your employees) are likely to stay safe.

Our new Social Media Staff Awareness Human Patch E-learning Course is designed to combat the information security risks of social media use by employees. It provides staff with the knowledge required to prevent common social media mistakes and malicious attacks. Such mishaps include accidental sharing of private company information on social media profiles, and inadvertently sending log-in details to a malicious third party.

Course contents

The course consists of four modules covering:

  1. Social media as a concept;
  2. Social media risks and their consequences;
  3. Mitigation techniques; and
  4. Recognising, reporting and managing social media risks.

At the end of the course, employees are asked ten random questions based on the content, which they can retake until they reach the pass mark of 8/10.

Using this engaging, informative and relevant content to educate employees will greatly reduce your organisation’s risk relating to social media usage.

This is the third in the “Human Patch” series of courses, which are designed to be short, easy-to-follow online learning courses preventing common staff-related incidents or mistakes.

The other courses in the series are Misuse of Cc and Bcc when emailing, and Phishing and Ransomware.

The Social Media Human Patch Staff Awareness E-learning Course is available to buy online.

Read more and purchase >>