Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
Security Enterprise ServicesGovernment: Federal, State and Local

3 Social Media Security Risks for Government Employees

By Greg Kushto
cell_enews
November 10, 2015

These days, everyone, even government employees, are on social media.  Some agencies even allow for limited personal use of government resources such as laptops and official time to check or update social media. But when could the Facebook and Twitter habits of government employees be putting their agencies – and the publics they serve – at risk?

Connecting With People You Don’t Know

Social media makes it easier than ever for people all over the world to connect with one another. For government employees, though, connecting with someone that they don’t actually know can pose a serious security risk. It is very easy for an adversary to create a false Facebook account and then begin “friend”-ing people who are either known as government employees or identify themselves as such on social media. Once these adversaries have connected with employees, they can track status updates, new connections, even likes and shares to begin to put together a picture of what is going on at an agency and potentially use that information for their own gain.

To prevent adversaries from gathering this information, it’s critical that government organizations remind employees that there’s no reason to friend or connect with someone on social media if they don’t actually know that person. Agencies should establish social media security policies that require employees to validate the identity and authenticity of a new connection before allowing access their social profiles.

Sharing Too Much Information

In addition to being careful about who they connect with, it’s critical for federal employees to be extra cautious about what information they share on social media. Seemingly simple updates such as “Headed downtown for a meeting this afternoon…” or “Excited about spending the next two weeks in Europe” are exactly the types of information that can become dangerous if it falls into the wrong hands.

Unfortunately, government agencies have adversaries out there who are actively trying to get this information. The process of sharing information and connecting with unknowns is something that can easily get federal agencies in trouble, if not through a cybersecurity breach, then with the government itself. There are existing social media policies against these practices, even though many government employees don’t realize it. They’re designed to protect agencies and employees, but both can find themselves in serious trouble if they do not follow and enforce these policies.

Security leaders should have specific policies in place about what information is acceptable for employees to share on social media, and what is not. Security professionals should also work with IT staff and HR professionals to enable employee communications while ensuring they stay secure. Remind employees that when they talk about where they work, being a federal employee, or having access to certain information on social media, they are setting themselves and their agency up as a target. Establish best practices, such as to simply not identify yourself as a federal employee on social media.

Separating Business and Personal

To help government employees enjoy the benefits of social media while at the same time protecting against cybersecurity threats to their agencies, one of the easiest and most foolproof things to do is to keep separate accounts.

In today’s always-connected world, separating your personal and professional lives offline can be tricky, and it’s no different on social media. It’s important to keep in mind the differences between the various social media platforms.

On social media platforms where you might connect and engage with people on a more personal level, such as Facebook or Twitter, it’s best for employees to avoid using their official titles. It can also be wise for employees to add a disclaimer to their profile, stating that the views expressed are their own and not that of their employer.

With professional networking sites such as LinkedIn, employees may choose to include biographical information about their current job status and employment history. This type of identification as a federal employee is acceptable under current policy, and if employees are careful about their privacy settings, who they connect with, and what they share, it also comes with minimal security risks.

It can be tricky for some government employees to balance the line between acting in an official capacity and their lives as private citizens, especially on social media where the lines are easily blurred. Security leaders should encourage employees to establish separate accounts to help keep things clear for everyone. They should also reinforce the fact that interactions on social media are really the same interactions as in real life. If employees wouldn’t share information about their work with a stranger on the street, they shouldn’t be sharing it on social media. 

KEYWORDS: data breach social engineering social media security

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Greg Kushto is the Director for Security at Force 3, The Network Security Company.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Top Cybersecurity Leaders
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Cybersecurity
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Technologies & Solutions
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Coding

AI Emerges as the Top Concern for Security Leaders

Half open laptop

“Luigi Was Right”: A Look at the Website Sharing Data on More Than 1,000 Executives

Shopping mall

Victoria’s Secret Security Incident Shuts Down Website

Laptop with coding on ground

Stepping Into the Light: Why CISOs Are Replacing Black-Box Security With Open-Source XDR

Gift cards and credit cards

Why Are Cyberattacks Targeting Retail? Experts Share Their Thoughts

2025 Security Benchmark banner

Events

June 24, 2025

Inside a Modern GSOC: How Anthropic Benchmarks Risk Detection Tools for Speed and Accuracy

For today's security teams, making informed decisions in the first moments of a crisis is critical.

July 17, 2025

Tech in the Jungle: Leveraging Surveillance, Access Control, and Technology in Unique Environments

From animal habitats to bustling crowds of visitors, a zoo is a one-of-a-kind environment for deploying modern security technologies.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • social media influencer

    How to reduce security risks for social media influencers

    See More
  • Social Media security risks

    Facing the Risks of Social Media Account Takeovers

    See More
  • socialmedia

    Manage the Risks of Social Media to Reap Business Benefits

    See More

Events

View AllSubmit An Event
  • October 17, 2024

    How to Assess and Hone Your Security Program

    ON DEMAND: In this webinar, Erik Antons, a security risk management executive with more than 20 years of working in the Federal Government, energy, hospitality, and manufacturing sectors, shares his perspective on the building blocks of a successful manufacturing security program.
View AllSubmit An Event
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing