One in six (17%) UK employees consider social networking such as Facebook and LinkedIn a major risk to corporate security, according to new research from global risk consultancy Protiviti. The research also found that three in ten (28%) believe that social networks such as Facebook and LinkedIn pose a real risk to their own personal security.

The use of social networking within UK businesses has soared in recent times, with employees using Facebook, LinkedIn and Twitter for marketing and other processes, including recruitment. However, according to Protiviti’s research, privacy and security are major concerns for users, with employees calling for clearer guidelines on social media usage in the workplace.

When asked whether employers should do more or less to explain to staff the principles of using social media in the workplace, 27% of workers said that more should be done, with a mere 3% saying less. Those aged 55 and over would like to see clearer guidelines on the use of social media, with one in three (30%) expressing a need for this, more than any other age group.

Unsurprisingly, the biggest users of social networking sites are those workers aged 18-24 years, with nearly three quarters (74%) claiming to engage with them every day. This contrasts with 21% of those aged 55-65 years, highlighting the continued generational divide faced by organisations.

The true power of social media has become apparent during the last couple of years. On websites such as Facebook and LinkedIn, manageable incidents can turn into major crises if not responded to in a timely and appropriate manner. Mishandled social media situations, often widely reported in the traditional media, demonstrate the potential risk to corporate reputations.

Jonathan Wyatt, Managing Director, Protiviti UK said: “The big challenge for organisations is that public and private use of social networking sites has blurred. On one hand, employees are using social networking tools for managing activities in their private life – but accessing these tools from corporate systems. On the other hand, employees are being asked to carry out specific tasks relating to work via the same social networks.

Opening up access in the workplace to social networks can create long-term benefits, however, there are many risks involved, including information security breaches.”

Key security risks highlighted by Protiviti include:
• Potential leakage of sensitive information
• Unintentional upload of Trojans or viruses to employees’ computers
• Increased targeting of individuals who are associated with the company for social engineering attacks
• Individuals falling prey to fraudulent scams

Jonathan Wyatt said: “By allocating direct responsibility and establishing a unified risk management process, organisations can start to mitigate the threats they face. In some companies, however, social media risk isn’t even on the agenda; it is only when serious loss of information and or theft occurs that this subject is given priority.

“Social media has provided a new environment for criminals seeking an alternative way to commit fraud and other crimes. Employers must set out clear guidelines to help control information supplied, and which, when shared via social networks, will benefit a company’s internal and external image. Having social media guidelines in place allows management to regulate the control of internal and external information by employees. This not only mitigates the risk of reputational loss through error or fraud, but also reduces the likelihood of information being leaked externally.”