Abstract
Social media plays an immensely important role in business nowadays. With the social media platform and interactions continuously growing, an increasing number of organizations are engaging into it. The idea of collaboration via social networks is also a growing trend. Although social media benefits the companies, it also poses certain threats. Companies have the likelihood facing privacy invasion as well as encountering leakage of confidential and sensitive data. As a result, firms tend to bear a reputational risk within this social media era which is undoubtedly caused by the lack of information security.
This paper discusses the information security risks caused towards social media. It examines three important aspects: privacy, data leakage and human factors. The study uses interviews and surveys as research instruments in order to prove that these issues are critical and overlooked. In the discussion part, it highlights the reasons for which the aforementioned concerns are generated by the companies and the existing problems. Furthermore, in order to ensure information security and to eliminate the risks, a management strategy containing policy, SETA (security education, training and awareness) and technical control are proposed.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Statistics Sweden. ICT usage in enterprises 2013: Enterprises use social media to develop their image (October 29, 2013), http://www.scb.se/en_/Finding-statistics/Statistics-by-subject-area/Business-activities/Structure-of-the-business-sector/ICT-usage-in-enterprises/Aktuell-Pong/15318/Behallare-for-Press/ICT-usage-in-enterprises-2013/
Zupan G.: Usage of social media in enterprises, Slovenia, 2013 – final data. Statistical Office of the Republic of Slovenia (October 7, 2013). http://www.stat.si/eng/novica_prikazi.aspx?ID=5799
ISACA, Social Media: Business Benefits and Security, Governance and Assurance Perspectives. An ISACA Emerging Technology White Paper (2010), http://www.isaca.org/Groups/Professional-English/security-trend/GroupDocuments/Social-Media-Wh-Paper-26-May10-Research.pdf
Liau, Y.Q.: Top 5 social networking business threats. ZDNet (February 1, 2010), http://www.zdnet.com/top-5-social-networking-business-threats-2062060912/
Sophos. Security Threat Report 2012. Sophos Ltd. (2012), http://www.sophos.com/medialibrary/PDFs/other/SophosSecurityThreatReport2012.pdf
Saunders, M., Lewis, P., Thornhill, A.: Research Methods for Business Students. Financial Times/Prentice Hall (2007) ISBN: 9780273701484
Cisco. Data Leakage Worldwide: Common Risks and Mistakes Employees Make. Cisco Systems, Inc. (2008), http://www.cisco.com/c/en/us/solutions/collateral/enterprise-networks/data-loss-prevention/white_paper_c11-499060.pdf
Bilge, L., Strufe, T., Balzarotti, D., Kirda, E.: All Your Contacts Are Belong to Us: Automated Identity Theft Attacks on Social Networks. In: The 18th International World Wide Web Conference (WWW 2009), April 20-24, pp. 551–560 (2009) ISBN: 978-1-60558-487-4
Rose, C.: The Security Implications of Ubiquitous Social Media. International Journal of Management and Information Systems 15(1), 35–40 (2011)
McCullagh, D.: Why no one cares about privacy anymore. CNet News (March 12, 2010), http://www.cnet.com/news/why-no-one-cares-about-privacy-anymore/
Gundecha, P., Barbier, G., Liu, H.: Exploiting Vulnerability to Secure User Privacy on a Social Networking Site. In: 17th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining (KDD 2011), pp. 511–519 (2011) ISBN: 978-1-4503-0813-7
Kim, H.J.: Online Social Media Networking and Assessing Its Security Risks. International Journal of Security and Its Applications 6(3) (July 2012)
Oehri C., Teufel S.: Social Media Security Culture. In: Information Security for South Africa (ISSA), August 15-17, pp 1–5 (2012) ISBN: 978-1-4673-2160-0
Briggs, R. Edward, C.: The Business of Resilience: Corporate security for the 21st century. Demos (2006), http://www.demos.co.uk/files/thebusinessofresilience.pdf
Siponena, M., Pahnila, S., Mahmoodb, A.: Factors Influencing Protection Motivation and IS Security Policy Compliance. Innovations in Information Technology, p. 105 (November 2006) ISBN: 1-4244-0674-9
Inglesant, P., Sasse, M.: Information Security as Organizational Power: A framework for re-thinking security policies. In: 2011 1st Workshop on Socio-Technical Aspects in Security and Trust (STAST), pp. 9–16 (September 8, 2011) ISBN: 978-1-4577-1182-4
Liu, S., Kuhm, R.: Data loss prevention. IT Professional 12(2), 10–13 (2010) ISBN: 1520-9202
Hashimoto, G.T., Rosa, P.F., Filho, E.L., Machado, J.T.: A Security Framework to Protect against Social Network Services Threats. In: Fifth International Conference on Systems and Networks Communications (ICSNC), August 22-27, pp. 189–194 (2010) ISBN: 978-1-4244-7789-0
TechNet. Best Practices for Enterprise Security. Microsoft, http://technet.microsoft.com/en-us/library/cc750076.aspx
Cisco. Data Leakage Worldwide: The Effectiveness of Security Policy. Cisco, http://www.cisco.com/c/dam/en/us/solutions/collateral/enterprise-networks/data-loss-prevention/Cisco_STL_Data_Leakage_2008_.pdf
Information Security Breaches Survey 2013. Department for Business, Innovation and Skills, https://www.pwc.co.uk/assets/pdf/cyber-security-2013-technical-report.pdf
Whitman, M.E., Mattord, H.J.: Principles of Information Security, 4th edn. Course Technology, Cengage Learning (2012) ISBN: 978-1-111-13821-9
Almeida, F.: Web 2.0 Technologies and Social Networking Security Fears in Enterprises. International Journal of Advanced Computer Science and Applications (IJACSA) 3(2), 152–156 (2012)
Xia, H., Brustoloni, J.C.: Hardening Web Browsers against Man-in-the-Middle and Eavesdropping Attacks. In: Proceedings of the 14th International Conference on World Wide Web (WWW 2005), pp. 489–498 (2005) ISBN:1-59593-046-9
Thomson, G.: BYOD: enabling the chaos. Network Security 2012(2), 5–8 (2012), doi:10.1016/S1353-4858(12)70013-2
Putchala, S.K., Bhat, K., Anitha, R.: Information security challenges in social media interactions: Strategies to normalize practices across physical and virtual worlds. In: 2013 DSC Best Practices Meet (BPM), pp. 1–4 (July 12, 2013) ISBN: 978-1-4799-0637-6
Jones, K.J., Bejtlich, R., Rose, C.W.: Real Digital Forensics: Computer Security and Incident Response. Addison-Wesley Professional (2005) ISBN: 0321240693
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Tse, D.W.K., To, D.H., Chen, X., Huang, Z., Qin, Z., Bharwaney, S. (2014). An Investigation of How Businesses Are Highly Influenced by Social Media Security. In: Wang, L.SL., June, J.J., Lee, CH., Okuhara, K., Yang, HC. (eds) Multidisciplinary Social Networks Research. MISNC 2014. Communications in Computer and Information Science, vol 473. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-45071-0_25
Download citation
DOI: https://doi.org/10.1007/978-3-662-45071-0_25
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-45070-3
Online ISBN: 978-3-662-45071-0
eBook Packages: Computer ScienceComputer Science (R0)