Email Security

    Social Media Is A Cybersecurity Backdoor To Your Enterprise

    The amount of time your employees spend on social media will shock you.

    by Boris Vaynberg

    Facebook, Instagram, LinkedIn, Twitter, YouTube or the latest online game. Yes, these are the new temptations facing employees on a daily basis. It starts with just a peek; maybe a few minutes, and then before you know it, it’s 5:30 p.m. already. 

    OK, so be honest. Just how much time do you spend on personal social media? As a business leader, we hope that it’s minimal. But your employees add up and you should probably sit down for this.

    Employees Wasting Time

    You may be surprised by the amount of time the average employee spends on social media during work hours. According to a Digital Information World Infographic:

    “Right now, more than 3.6 billion people are active on social media representing 64% of total internet users” and that “77% of employees access social media while on the clock with the following about of time spent on social media during the average workday:

    • 18% spend 15 minutes
    • 19% spend one hour
    • 9% spend two hours.”

    The reason for spending time on social media may be more surprising.  A FloorDaily article reported:

    “Employees say they're not always to blame for this wasted time, however. 33.2% of respondents cited lack of work as their biggest reason for wasting time. 23.4% said they wasted time at work because they feel as if they are underpaid.”

    The real risk here is that while on social media, employees increase their exposure to phishing and other social engineering attacks.

    Social Media Phishing

    Social media is primarily about sharing and potentially over-sharing, and this can bleed from the personal to the professional. It can include everything from our birthdays and anniversaries to our kids' names, our friends' and co-worker names, what we like, what we are doing at work and lots more.

    This bounty of information is pure gold to a hacker and can be used to create very targeted and believable phishing attacks. The level of implied trust that these tools carry with them provides a potential pitfall for any organization. The result? Employees that are quick to click links to malicious sites, download computer viruses, or give away our user names and passwords. And unfortunately, there’s more to worry about. Here are a few facts that you may not know:

    42% of users don’t log out after each session

    28% share their passwords

    35% connect with people they don’t know

    As a result, 15% of social media users have had their profiles hacked and impersonated and believe it or not, that equates to a shocking 210 million people who have potentially had their profiles hacked and impersonated, giving criminals even more information to create targeted attacks on a growing percentage of the population.

    Closing Cybersecurity Backdoors

    Instead of shutting down access to social media to remove the risk of phishing through social media, it is incumbent on IT security professionals to enable truly cyber threat prevention protocols and technologies. You can close cybersecurity backdoors by leveraging solutions that use deep inspection and analysis methods that interpret and detect code in real time in order to immediately block threats from affecting your organization.

    Your selected solutions should make no assumptions on threat heuristics and behavior but actually assume that there is no legitimate reason for executable code to be present in a data file, it relies solely on identifying code existence on non-executables files. In this way you can be assured that inappropriate code will not enter your IT infrastructure through the inappropriate use of old passwords.

    See for yourself what Mimecast can do to deliver evasion-proof security for your organization today so that you can protect your corner of the world. Learn more here.

    Subscribe to Cyber Resilience Insights for more articles like these

    Get all the latest news and cybersecurity industry analysis delivered right to your inbox

    Sign up successful

    Thank you for signing up to receive updates from our blog

    We will be in touch!

    Back to Top