Weblogs, forums and social networks can be used by rivals of the company to obtain sensitive information. In fact, rivals may monitor social networks, blogs, and forums and engage employees of Star SEO, pretending to be average users, who may pose simple questions, which may be not even directly related to the professional work of employees of the company. However, as employees respond and get engaged in the close communication with potential intruders, who want to obtain sensitive information, they provide them with such information directly or indirectly.
The company should undertake such steps as insiders’ tricks recognition, user identification, tracking employees’ mood, creating employees’ risk groups and activities tracking, internal investigations. The company should introduce clear policies of using weblogs, forums and social networks and the use of the sensitive information. Employees of the company should take responsibility of not spreading information related to their work in social networks, blogs or forums. The company should identify those employees, who use weblogs, forums and social networks frequently and include them into the risk group under the strict supervision of the control officer. Furthermore, all activities should be tracked to identify possible attempts of the data leak via social networks, forums or blogs.
Thus, Star SEO focuses on the development of its business but the company needs to enhance its information security system to develop its business successfully. The recent case of the information leak reveals the full extent to which failures of the information security system are dangerous in the contemporary business environment. In fact, the company can fail to succeed, if customers suffer the identity theft or other information breaches provoked by the company. In response to growing threats, the company should focus on the following key channels of the data leaks, including e-mails, instant messengers, and social networks, blogs and forums. The company should focus on the insiders’ tricks recognition, user identification, tracking employees’ mood, creating employees’ risk groups and activities tracking, internal investigations. These measures will help to identify employees, who are vulnerable to information breaches. These employees will be included in risk groups, while the company will track all suspicious activities and communication to identify potential threats to the information security of the company or its customers. The analysis of activities, the control of channels of information breaches, and the supervision of risk groups will minimize the risk of the data leaks and enhance the information security of Star SEO.