informa
/
Risk
Commentary

Facebook 'em, Danno!

Did you hear the one about how Facebook is costing the Australian economy $5 billion a year? And that's just lost productivity -- not the security risks Facebook exposes companies to.
Did you hear the one about how Facebook is costing the Australian economy $5 billion a year? And that's just lost productivity -- not the security risks Facebook exposes companies to.The Australian Facebook productivity loss figures are based on security company SurfControl's estimate that employees are spending an hour a day on Facebook.

You do the math for your company: whether you've got four employees or forty or four hundred, figure, conservatively, that a quarter of them are on Facebook, and -- very conservatively, I think --they're spending an hour a day there. Now multiply that by the number of hours in a work-year, stack up the amount of cash that represents and put a match to it.

Productivity losses to social networking are one thing. The risks that social networking exposes your business network, and your business, to are not another thing. They're the same thing.

The same thing, in fact, as the iPod problems discussed by some of us at bMighty over the last couple of days, the same as the thumb drives I carped about last week, the same as IMs and personal e-mail accounts and smartphones and just about any other consumer technology your care to name.

Employees are coming to work equipped and connected, carrying devices and logging ito accounts and services that have nothing to do with your business and may have everything to do with putting it at risk.

Risks including identity and data theft, posting confidential information, spams and scams, legally actionable postings made during company time and on company equipment, viruses and Trojans and intruders, and more.

Whether or not you allow your employees to Facebook on company time and equipment is your business, same as their use of iPods, thumb drives et. al.

But you had better have policies in place regarding all of them -- and the first step toward an effective policy is to take an audit of what personal digital equipment your people bring to work, and what accounts and services they use while on the clock.

Probably you need to worry about what they may doing on social networks when they're off your clock, too, but that's a worry for another blog.

Recommended Reading:
Editors' Choice
Kirsten Powell, Senior Manager for Security & Risk Management at Adobe
Joshua Goldfarb, Director of Product Management at F5