Businesses that deal with finances and credit face specific social networking safety concerns that many other businesses do not. From threats to family members in hostage situations to the potential for irrevocable public relations harm, mortgage businesses must consider carefully how to address the security issues that may arise from employee social media use.
Train Personnel to Protect Information
The threats to family members mentioned above happened at a mock robbery a consultant performed for a credit union. The police officers, who were acting as robbers, gathered public information from people's social media pages and used it to threaten a teller's husband. While this was done to prevent actual robberies from taking place, simple information regarding places of employment was enough to give potential thieves the upper hand.
Train your personnel to protect their personal information by removing private data from their social media profiles. Educate them on the various risks of social media use and what the best practices are for using various social media platforms. Further, your company should institute and enforce policies that ensure your employees are taking the proper precautions.
Education is essential to protecting your business from potential scams, hackers, thieves, and other malicious agents who desire to use information from social media. Privacy settings are different on every social media platform, and employees must understand the risk of exposing certain types of information on their personal social media accounts.
Posting something on social media is akin to shouting something out loud in the middle of a crowded room. If the information is something you wouldn't shout in the middle of a food court, do not post it. This is especially true for public settings, on sites like Facebook or the very real public forum of Twitter. Employees need to be educated on the long term consequences of things they post online and the potential backlash it can have on your company’s reputation. Often things go viral so quickly that a mistake cannot be taken back. Before you know it, it has already been screen captured and re-shared.
While most employees are used to the idea of the Nigerian prince scam, sophisticated scammers attempt to perpetuate scams, without ever interacting with their targeted victim. Social networks provide answers to security questions (What is your mother's maiden name?) to people who know how to glean data.
In order to prevent much of the risk of scams associated with social networks, employees need to limit the amount of public information they have accessible on social networks. A good recommendation is to require that employees do not list their place of work on personal social network profiles, since this is a part of the profile that is usually public.
Public Nature of Social Networks
Employees need to know and understand social networks, how to control privacy settings, and the nature of various networks. Some networks allow you to control who sees what, while many social media sites default to public viewing of everything, with only limited control of privacy via direct messages.
Employees also need to be aware of screenshot technology, forwarding functions and other systems for making private communication public. Just because something was sent in a direct message on Facebook or Twitter, that does not mean that it cannot be made public later. Employees should never conduct any public or private discussion of the business's affairs over social media.
Limited but Accessible
While the risks associated with social media sites makes some IT personnel want to block them entirely from a workplace, this only increases risks to the business. Employees will often seek ways around an IT security policy that is perceived as unjust and inflexible. This can potentially breach firewall privacy, introduce added distractions to the workplace, and encourage employees to access sites through less-than-trusted means.
While the many advances in technology increase risks to businesses, these risks can be managed with the right information, education, and company policies. Access Business Technologies uses DeviceGuardian™, a tool that is easily installed on any existing or new device, allowing ABT to securely manage all of your mortgage software, data, and users. DeviceGuardian™ makes all of your devices compliant with Consumer Financial Protection Bureau (CFPB) regulations. Prevent Social Networking scams with DeviceGuardian™ and control whitelisted and blacklisted websites. For more information about mortgage business and IT safety, mobile apps, and remote desktops, please contact us today.