Third: Don't expect end-users to be security experts.
End-users, no matter how security conscious, are the number-one security risk in any organisation, so don't leave the security of your business data up to them. While user education is important, you have to ensure your employees are protected, wherever they work, at any time. Social engineering tactics that entice people to download malware through the latest celebrity or disaster videos, cheap goods, online pharmaceuticals and more will continue to evolve as today's scams become less effective. Remember: malware will always try to be two giant steps ahead of your users. It's up to you to ensure a user's poor judgment doesn't put your business at risk.
Why is all this necessary?
As more businesses like yours adopt social networking for communication purposes, the lines between business and personal use will continue to blur. To ensure your business can benefit from Web 2.0 technologies without exposing them to the risk of malware 3.2, you need a security 3.3 strategy in place. A security approach that combines a cloud-based intelligence community with real-time Web filtering and malware scanning at the gateway is critical to maximising the business benefits of social networking while minimising the security risks.
Sasi Murthy is technology director, Blue Coat Systems Inc.
Sign up for CIO Asia eNewsletters.