As human resources teams onboard their summer interns, they’ll notice that many are eager to celebrate their first day by sharing photos online. It may even be tempting for social media teams to post a picture on the company’s social media pages to officially welcome the new interns. But before posting that #CompanyName, #WorkLife, or #FirstDayofWork photo, consider the security risks that might pose for your company.
When an intern posts a photo of their desk or company badge or streams a “day in the life” video, sensitive information is often inadvertently revealed and can be used by hackers to cause harm to an organization. Using these social media posts, these hackers may find passwords on sticky notes, software systems on desktop screens and other confidential company data lurking in the background that helps them plan their attacks. They can also replicate security badges to walk into companies, unchallenged, and obtain access to valuable information. I would know — I’m a hacker myself. The difference is, the “victim” company has hired me to do it.
In my role as “Chief People Hacker” for IBM X-Force Red, companies hire us to test their security. I spend my days discovering information about our target via research, and often, using that information to break into their office space. Social media is my first stop for finding information that can help get me through the doors of a company.
Please select this link to read the complete article from TLNT.