New research from the Ponemom Institute and Lumension, shows that a majority of firms are struggling to secure data as users quickly adopt new and emerging technologies such as mobile, cloud computing, and collaborative Web 2.0 technologies. The study, which surveyed IT security and IT operations practitioners, shows that many (44 percent) feel that their IT network is less secure than a year ago or that their IT security policies are insufficient in addressing the growing threats arising from the use of new technologies. Budgets are also a limiting factor, with many feeling that IT security budgets still aren’t what they need to be to fully support business objectives and security priorities. Other findings from the report:

• 56% said mobile devices are not secure, representing a risk to data security
• 49% said data security is not a strategic initiative for their company
• 48% said their companies have allocated insufficient resources to achieve effective data security and regulatory compliance
• 47% cited a lack of strong CEO support for information security efforts as a reason for ineffective data security programs
• 41% said there was a lack of proactive security risk management in their organization

Just as large companies worldwide struggle to keep up with security, many small businesses do so even more. If you need help understanding the security implications that new technologies bring to your organization, contact us so we can help.

Related articles:

• Companies face IT attacks in uncertain economy: Ernst & Young (newswire.ca)
• Keeping America’s information safe offers a secure career (techburgh.com)
• Cloud Security and Privacy (oreilly.com)
• Computer Security Challenged By Web 2.0 ‘Endpoint’ Growth (Investor’s Business Daily via Yahoo! News) (slumpedoverkeyboarddead.com)

If you have decided to use Social Networking technologies for your business in your marketing, public relations, employee relations, or any other initiative, congratulations – it’s a good move. However, bear in mind that there are some issues you should be aware of before starting.

As we pointed out in a previous post, social networks allow people to create communities on the Internet around shared relationships, interests, and activities. In business, social networks can be used as tool for marketing, public relations, sales, customer service, employee relations, and more. Many case studies show how companies are able to use social network services to generate new leads, strengthen relationships with customers and employees, and improve their business operations.

Here are some guidelines for avoiding pitfalls when implementing a social networking campaign:

1. Filter information. Actively filter personal or private or sensively information about yourself, your company, your employees and partners, and your customers from the information you or your employees post online. Make sure that none of the information you post is covered by any non-disclosure, patent applications, or contractual agreements, which could quickly get you into hot water.
2. Provide value. Post only information relevant to your audience online. Before any post, ask yourself: Is this information interesting and useful to my audience, or does it only serve us? Your audience will quickly tune you out if you continually post marketing fluff and self-serving promotional ads.
3. Be truthful. Be as forthright and honest as possible. Remember that these types of media are interactive and can quickly get around. You’ll find that unhappy customers and disgruntled employees are not shy in posting negative comments about you and your company for all to see – especially if they find you evasive or less than truthful.
4. Be vigilant. Social networking sites are a target for malware, hackers, and all sorts of online fraudsters. Before joining a social networking site, make sure to read their terms of use and privacy guidelines. How secure is their setup? Are they vetted by third-party security and privacy assurance services? Will they share your information with third parties?  Do mechanisms exist to allow you to control who can and cannot see what you share online? Find out and to protect yourself.
5. Provide clear guidelines. Take a cue from IBM and provide clear guidelines on what is and what is not acceptable, and who does and does not speak in behalf of your company. Make sure your employees know the guidelines and follow them. Let them know that whatever they post online can remain there for years to come and could come back to haunt them later on.

Despite the risks of using social networking services, there are risks of not using them as well. If you don’t shape your image on the Web, people will do it for you. Social networks make it quick and easy to set up a basic profile, and that’s the first step toward gaining control of your business’s reputation online.

While everyone is worried about security threats outside the  company’s firewall such as hackers, viruses, and worms, research suggests that the greatest risk may come from none other than the company’s very own employees.

Not all of these risks are necessarily borne of malicious intent on the part of employees. Some risks may come from unwitting participation, temptation, or simply ignorance. Here are just some examples of security risks you should watch out for:

1. Data theft. With the ease with which employees can connect small devices and transport data outside the company’s four walls, the risk of your sensitive data falling into the wrong hands becomes very real. Set up clear guidelines and policies regarding the use of removable storage media. You can, on your own or with the help of your IT consultant or service provider, lock down your PCs to disallow connection to removable drives or portable media devices if appropriate.
2. Data loss. Accidents happen. Set up backup systems so that you can recover data quickly in case employees accidentally delete a file, are unable to secure a PC from viruses and worms, or are careless with the physical state and functioning of their assigned PCs.
3. Data leaks. With the proliferation of multiple channels of online communication such as e-mail and IM, the threat of employees leaking sensitive company data to outside parties is very real. Provide clear guidelines and policies for the proper use of these communication channels in the workplace, and if needed, set up methods to block access to these services. Ask your IT consultant for help.
4. Intellectual property violations. Illegal downloads or the illicit sharing of copyrighted material can also pose a significant threat to your organization. Legal action or the loss of your company’s hard-earned reputation can be debilitating and difficult to get over.
5. Online Phishing and E-mail Scams. In phishing or e-mail scams, deception is used to gain unauthorized access to confidential data. Make sure you or your IT consultant set up filters to block such e-mails, or use security software to block access to this type of website.
6. Lax/missing access controls. Be prudent and place access control policies on key information resources within your organization, such as e-mail or your accounting system. Provide each employee with access only to relevant information needed to complete his or her particular job.

It’s not easy to protect yourself from security breaches, especially when they come from within your organization. Get advice from an expert. Contact your IT Service provider today to find out more.

Related articles:

• Workers ’stealing company data’ (news.bbc.co.uk)
• Gasp! Fired workers are taking confidential data (news.cnet.com)
• A multilayered strategy helps neutralize internal security threats (techrepublic.com)

Social Media such as Blogs, Micro-blogs, Wikis, and Social Networks are not only helping many people communicate and connect, but are also powerful tools for business as well. They can be used to promote your products and services, engage customers in meaningful conversations, network and develop new relationships, or simply to distribute information about your business online. Recently, the media has been awash with reports about Facebook, LinkedIn and Twitter, but many of you may be unclear about the concept, or unsure of its relevance to your business activities. Learn more about this new media online. Get to know how these tools can benefit your business or contact your IT Consultant for advice.

Related articles by Zemanta:

• More notes from “Social Media Marketing”
• Social Media Marketing Industry Report
• The 4 Customer Types of Social Media
• The Five Myths of Social Media
• Using social media to network