Employees’ images on social media are a major threat to staff members and companies. Although social media might make us feel a lot more linked, it’s also a fountain of knowledge for attackers, possibly offering them unlimited access to not only the victim’s sensitive personal data, but to the victim’s employment organization.

I’ve seen a pattern on social media where individuals are posting photographs of their new staff ID badges (“badge bragging”). Although this doesn’t seem like a big deal, it may possibly give a web villain adequate info to damage personal or company security systems. An instance concerned an individual who only just started a new job at a renowned healthcare facility. He posted an image of his new personnel ID badge on social networks. With only that particular photo, a cyber criminal could replicate the security barcode and create a bogus badge to gain access to numerous systems. Moreover, the cyber criminal will know the employee’s full name, section he worked in, his particular educational background, and the day he started.

Here's a few best practices organisations can follow to make certain their staff continue being “security smart.”

1. Construct a procedure for staff members that deals with posting photos or details about employment activities on the internet. Give crystal clear examples for acceptable and unacceptable behavior like “Don’t allow your badge to be photographed.” Make sure all staff consent to stick to the procedure. Up-date the policy as required to take into account new social networking tools along with other technology changes.

2. Make security part of new staff onboarding. Instruction for new staff should include training on the policy to prevent any misunderstandings from the start.

Offer some easy suggestions to staff:

- Never let yourself to get photographed with your company id badge. - Never show your id badge when you’re off corporate property. - Maintain positive control over your badge and document it stolen or lost.

3. Regularly reinforce great security hygiene. Use constant communication with employees to strengthen actions, making certain to spotlight any up to date attacker tendencies. In general, “security smart” must be a company-wide matter, so it’s essential to inform all staff to stay secure, not simply for your business but also for their own individual protection too.

It would be great if this wasn’t an issue, but that’s just not the world we are living in. Revealing some personal information online is constantly a risk, one which the majority of us deal with. But sharing an image of your employee id badge on the internet can be as bad as posting your email password on Facebook.