Social network security

The Trades Union Congress (TUC) has recently published a briefing on online social networking and Human Resources. Almost concurrently IT security and control firm, Sophos, came out with some statistics and some practical advice around the risks of social networking.

Let’s give the TUC the floor first:

The TUC report believes that personal internet access during break times benefits the individual and the company. It postulates that such access, “helps employees develop useful IT skills.”

The report reminds us that breaches of commercial confidentiality or slandering of co-workers or clients is, “much more public, with details now instantly searchable and potentially stored online forever.” It warns companies to intervene early rather than have to work out their response when something goes wrong.

It claims that the UK’s Facebook users are “3.5 million HR accidents waiting to happen.” It would have been more honest to add “eventually” because a large proportion of users have yet to join the workforce.

The report advocates a negotiated (between employers and unions) “reasonable conduct policy” to set out what is expected of employees in their private lives – both online and offline.

It then warns against using Facebook to vet candidates for employment because this gives an unfair advantage to the minority who have profiles on social networks. It says that “ethnicity, sexuality or other criteria” can be deduced from online personal profiles and lead to discrimination.

It’s interesting to see how the TUC mind works.

But then the report gets back to the point and suggests that employees need to be careful about what they put online becuase of the dangers of identity theft and other security risks.

Let’s hand over to Sophos:

In a poll of 600 workers, 50 percent revealed that their companies blocked or restricted access to Facebook at work because of concerns about productivity and security.

Of course, this means that another 50 percent allow access either through indifference or because (8 percent) they feared that workers would complain.

In a separate survey, Sophos discovered that 66 percent of employees believed that their colleagues were putting too much information on Facebook which could lead to identity theft, among other things. It actually proves the point by getting people to hand over their personal information to a plastic frog.

So, both the TUC and Sophos have arrived at the same conclusion.

Sophos goes on to make practical recomendations for safe Facebook use, although the principles can be applied to other social networking services as well.

David Tebbutt is an award-winning columnist and feature writer who specialises on the subject of using software and technology to increase business productivity. He's an analyst with Freeform Dynamics but, in previous lives, wrote for Director magazine, Real Business and was also editor of Personal Computer World. http://freeformdynamics.com