As of 2019, there are 3.499 billion active social media users around the globe. Users spend an average of 142 minutes a day on social media. Whether we like it or not, social media is now deeply embedded in our society’s DNA. It has transcended the boundaries of being merely a way to connect with people to becoming our main source of news and information, means of entertainment, way to learn, a place to collaborate and a platform to conduct all sorts of business transactions from selling to banking. Facebook, Instagram, LinkedIn, YouTube and other major social media platforms are revolutionizing the way we live and interact with the world around us.

Security Issues in Social Media

The existence of BYOD or bring your own device in plenty of organizations expose companies to the dangers in lurking around social media platforms. As employees access social media from their personal devices, it is highly likely that they post and share information from work. For example, an employee attending a new product training might post product specifications prior to its official launch. They might also share information such as internal processes and procedures that customers should not be privy to. In some cases, casual sharing of rants about a co-worker or the company can cause damage to the company’s reputation.

Ransomware is another security issue social media users face. It involves a variety of malicious software that encrypt data in a machine until a sum of money, normally in cryptocurrency is paid. WannaCry global attack in 2017 crippled a lot businesses, especially in the healthcare industry.

When a user’s account security is compromised (normally by social engineering, DNS spoofing or phishing), an organization can be held liable for allowing hackers to perpetuate any one of these security attacks (ransomware, impersonation, stolen passwords and user data breach).

Phishing is another security concern that can be easily facilitated by cybercriminals in social media sites. It usually involves setting up a website that copies that of the company whose customers are targeted in a phishing scheme. Their goal is to convince the individuals that the website belongs to the trusted legitimate company, typically the user’s bank, so that the victim provides sensitive information (such as username, password, email address and credit card information among others.).

Some scammers create social media accounts or websites passing them off as an organization’s. This can trick customers of a company to buy counterfeit items, products or services. Although most customers would not fall for this scam, there will always be some who succumb to it out of their trust in the brand. The organization might not be responsible for the scam, but customers will still expect them to act on it and stop being copied and represented by fraudsters.

Stolen social media account passwords can be a no-brainer for hackers, but it can cause a lot of costly damage to an organization. When an outsider uses a stolen password to log in and make changes to the company accounts, this will cause a huge inconvenience for the organization as they try to manage a PR crisis and conduct recovery to put accounts back to their normal state. If a hacker gets a hold of a business social media account, he can do a lot of damage in a few minutes (i.e. sending customers links to ransomware) as owners try to prove ownership of the account and trigger a password reset.

Social Media Awareness through eLearning

E-learning can make boring social awareness training engaging and interactive. E-learning strategies can be leveraged to make it a living and up to date resource for employees.

Online learning makes reaching globally dispersed employees possible, specifically in organizations that impose one generic social media policy across all regions. E-learning can be consumed by employees no matter where they are and they can get the knowledge as the need arises. Providing training on policy updates is more convenient in the online mode.

A company that decides to use eLearning for social media awareness training can make use of strategies such as gamification, scenario-based assessments or simulations to raise the training engagement. Gamification which utilizes badges, points, and leaderboards can propel the employees towards completing the mandatory social media training. It is an instrument to engage, recognize, and compensate employees who go through and later apply the training at work.

Scenario-based training can be useful for adding real-life examples in training for social media managers or individuals in the company who are responsible for social media operation. Scenarios can be written to recreate a bad social media situation or an increase in media activity. The learner’s responses to these simulations will help evaluate their level of preparedness to handle similar situations. The feedback coming from the results will help them identify their current skills level and motivate them to learn more.

Social media awareness training will not transform the behavior or employees overnight, so there has to be a consistent effort to build a culture of using safe social media practices. Platforms and privacy policies keep evolving, so employees should be updated on such changes, which is easier done in their own pace at their own time online. When a new batch of new hires arrive, they also need to be trained, so it should be part of onboarding training to highlight the company’s mandate on the correct use of social media. eLearning makes this feat less costly and easier to accomplish.

Like any training intervention, a follow up training must be done regularly and consistently to reinforce good social media practices. Quarterly online assessments, frequent reminders through bite-sized learning, and an accessible collection of supplementary materials online resources such as videos, case studies, articles, or best-practice guides can help with learning sustainment.

An effective and efficient social media awareness training makes employees feel positive about sharing content online while doing it in a secure and responsible way. They learn to distinguish between what is acceptable and what isn't , and think about safety first both for themselves and the organization.