How do I dare speak contrary to popular wisdom that claims that anyone can tweet their way to fame and fortune? Because the security risks are growing faster than the opportunities, and chatty tweets are loosening employee lips.
Let's start by addressing the opportunities in social media. Magazines and Web sites run articles that extol the virtues of tweets and blogs. These articles may stimulate circulation but more as a curiosity than a positive ROI. Have any companies actually gained enough new customers to warrant the expense of a full-blown social media effort?
So far, the only large bank engaged in social media is Wells Fargo. Its blogs are largely aimed at displacing customer service calls, not attracting new customers.
In the risk arena, we find social media now serve as a venue for phishers to trick the public into revealing their personal information. Malicious scripts are routinely planted on Facebook and Twitter.
Beyond the risk of cyber crime are the risks posed by socially networked employees. The point of social media is chatting, but too often this innocent behavior reveals company secrets. More disturbing are employees who don't care.
A recent Travelers' survey of 2,000 American adults revealed that they regularly posted work-related information on social media Web sites. More disturbing is the 75 % of those surveyed who said they were "not at all" or "not very concerned" about damage to their professional reputation.
The point is that social media presents several flavors of risk. Threats embedded into pages, phishing and other criminal techniques that exploit the social engineering chat and the unwitting slips of confidential information from employees.
For credit unions, it's best to offer an official Web site for marketing and general member service. As for social media, credit unions should establish a firm policy forbidding employees from referring to work details on these sites.
Are the rewards of social media worth the risk? Some day they might be. But that day has yet to come.
John Jaser manages internet services and security at COCC Inc. He can be reached at 860-674-7205 or firstname.lastname@example.org