Social Networking: Understand the Risks

There are many effective and legitimate uses for the Internet. Two of the primary ones are its ability to aggregate and deliver a massive amount of content, and to connect millions of users together regardless of their location or their technology platform. One of the recent trends that takes advantage of these attributes is social networking, such as Facebook, LinkedIn, Flikr, Plaxo, Meetup and Twitter. Because of widespread user participation, combined with more valuable content, social networking has migrated out of the individual/home user domain and into the mainstream corporate — and healthcare — world.

Advertisement

Marion K. Jenkins, PhD

Should you allow employees to access these sites, and if so, what risks should you be aware of?

First off, you need to understand that these sites have no one — at least no one that you can rely on — to monitor content, enforce any rules or keep the bad guys out. You should always be vigilant and assume the worst in terms of risk and of malicious human behavior.

Second, just like with every other useful transport and communication medium such as e-mail, instant messaging and corporate Web sites, social networking platforms have become a vehicle for spreading viruses, spyware, worms, Trojan horses and other malware. Since many of the sites allow — and even encourage — users to post a significant amount of personal information, this increases the risks from identity theft, loss or compromise of corporate data and related threats.

In addition, these platforms are largely “free,” with the costs to set up and maintain the sites being provided by banner ads rather than subscription fees. You should definitely follow the axiom that you get what you pay for. If you read the fine print in these sites’ user agreements, they provide virtually nothing in the way of service level agreements. Therefore you should not count on them for any mission-critical functionality. Do not use them to store any important information or content that is not backed up somewhere else, and do not count on them to communicate vital or time-sensitive information to clients, business partners or other associates. Some of their features may also just not work at times — it is not unusual to see features or even entire sites — to be unavailable for hours at a time.

The best advice is, caveat emptor — let the buyer beware. However, when you are a buyer, and exchange money, you typically have some sort of leverage. In this case, since you are not a buyer, not even that leverage is available.

Marion Jenkins, PhD, is founder and CEO of QSE Technologies, which provides IT consulting services for ASCs and other medical facilities nationwide. Learn more about QSE Technologies at www.qsetech.com.

Advertisement

Next Up in Uncategorized

Advertisement

Comments are closed.