——————————————————-
Will Facebook get you Hired or Fired?
A friend of mine told me a story about his mother who would always know when he got into the candy jar without asking. As a small child he couldn’t figure out how his mom could be omniscient. He thought that was reserved for Deity and Santa Clause. When he got a bit older, he asked his mom how she did it. With a smile she told him that his fingers would be various colors from the candy coating and his mouth would have chocolate smears.
Facebook is like that candy jar and our employers or perspective employers are like my friends mom. Companies look at social networking sites such as Facebook, Myspace, Twitter, LinkedIn, Bebo, Friendster and others with mixed emotions. On the one hand permitted use attracts younger employees, a friendly culture, creative sharing of ideas, and encourages friendships between coworkers. On the other hand, it can have implications with information security, liability, productivity, bandwidth consumption, and more.
Are social networking sites making an impact? Well, governments are considering monitoring them, human resource departments are using them to screen applicants, authority figures have been known to infiltrate them in cyber disguise, and worms and Trojan horse software have been written specifically for them. I think it is safe to say that, Yes, social networking sites are impacting our lives.
As of April 2009, Facebook is about 200 million members strong. With the viral and addictive qualities it has, employers have become concerned. About half of all companies use web content filtering or black lists to block employees access to social networking sites. Do they have a right to be concerned? Look at these statistics from the March 2, 2009 issue of Fortune Magazine.
- The typical Facebook user spends an average of 169 minutes a month on the site, where Google News gets 13 minutes and the New York Times website gets ten minutes.
- Facebook total daily minutes went from 1.1 billion to more than 3 billion in the last 12 months.
- Facebook users who update their status daily went from 4 million to 15 million in the last year.
- The Facebook user base doubled in that same time.
- It took 14 years for cell phone usage to reach 150 million units sold while Facebook members reach that in a mere 5 years. One of the fastest adoption rates in history.
Whether you are an avid user of social networking sites, know someone who is, or are concerned about your company’s exposure to the risks of them, you need to stay safe. Criminals and those with less than honorable intentions are using these sites in ways we do not expect…and do not want!
Be Aware
Users should be aware that 30% of companies are using social networking sites to learn about applicants as they interview for jobs. Even a photo or brief description of a user can offer insight into an applicant that is valuable for companies.
Be cautious of who you add as friends. There are known cases when someone takes on the identity of others, becomes an online friend, and then gathers other information about you, your contacts, associations, interests, group affiliations, etc. This information can be used for fraud, social engineering, and other criminal activity.
Be conscious of what you post. Assume that the entire world can view your comments, videos, pictures when you post. Ask yourself if you would want your boss, mother, priest, and spouse to see what you put out there…because they just might. Don’t trust any site to keep your content private and remember THE INTERNET NEVER FORGETS. All it takes is one night of partying and ending up with less than fully clothed pictures on the Internet that spread like wildfire.
Phishing is a common method cyber criminals use to lure individuals into giving up their personal information. Spear phishing is where the criminals target a specific group of users, for example all customers of a particular bank or credit union. Whaling is an even more directed attack at one particular person. Although these attacks are often directed towards high net worth individuals, hackers get the majority of information necessary to commit these crimes from social networking sites and other online databases.
Many companies have or are imposing Internet use policies. Be sure you understand what it says because your HR department will probably want you to sign and tie your employment to it. If Internet abuse is going on (based on whatever their definition is which could include reduced productivity) you could lose your job. This could be Facebook, day trading, sports sites, and a myriad of other places on the net.
An Internet use policy could outline surfing as something that negatively impacts business processes. You might not know it, but if your Facebook friend sends you a link to the latest High Definition movie and you download it, that could saturate the Internet bandwidth for the company and bring legitimate business communications to a halt.
There are cases where someone was viewing inappropriate adult material on their computer and a coworker walked by and saw it. This often leads to lawsuits against the company and often the termination of the offending employee. Offenses that may lead to termination can also include slandering a coworker on a social networking site.
Be Safe
People are generally more caution about messages in email than they are when they get a link, chat, text, post, or something else within a social networking website. For some reason, we turn off our defense once we are logged on. In fact, people are ten times more likely to click on a link sent to them in a social networking site than in regular email. Cyber criminals use this to their advantage. In the last year there has been a huge upswing in the variety and frequency of these types of attacks. Phishing attacks, Trojan horse programs, and malicious software can be used compromise your identity.
Facebook has already experienced its fair share of worms, like Koobface, which sends you an email that appears to be from one of your friends and directs you to a YouTube video where you are directed to download some new software. This software is in fact a Trojan horse program that infects your system.
These methods can also be used to compromise your computer which can lead to bank account compromise, and if you are at work, spread and infect other systems. This can lead to the total compromise of the company you work for resulting in millions of dollars in damages, lawsuits, lost business, fines, and more. The average cost of a data security breach for a company is 6.6 million dollars.
Remember that if you are infected with malware or a Trojan horse program, you likely would never know it. Your system would simply be under the control of a hacker and be used to capture your usernames and passwords, gain access to your online bank accounts, launch attacks against other systems, relay SPAM, or take full remote control.
Social networking sites are here to stay. Use these sites as tools. Be sure they don’t keep you from your dream job or put you in the unemployment line.