Original Research
Narrative review: Social media use by employees and the risk to institutional and personal information security compliance in South Africa
The Journal for Transdisciplinary Research in Southern Africa | Vol 17, No 1 | a909 |
DOI: https://doi.org/10.4102/td.v17i1.909
| © 2021 Obrain T. Murire, Stephen Flowerday, Kariena Strydom, Christoffel J.S. Fourie
| This work is licensed under CC Attribution 4.0
Submitted: 04 July 2020 | Published: 18 February 2021
Submitted: 04 July 2020 | Published: 18 February 2021
About the author(s)
Obrain T. Murire, Department of People Development and Technology, Faculty of Business Sciences, Walter Sisulu University, East London, South AfricaStephen Flowerday, Department of Information Systems, Faculty of Commerce, Rhodes University, Grahamstown, South Africa
Kariena Strydom, Department of People Development and Technology, Faculty of Business Sciences, Walter Sisulu University, East London, South Africa
Christoffel J.S. Fourie, Department of Research Development, Faculty of Science, Engineering and Technology, Walter Sisulu University, East London, South Africa
Abstract
Social media platforms have become essential to organisations in developing countries as they can offer a business advantage. This comes with security risks and privacy concerns as numerous scientific literatures have testified. Although the majority of employees are using social media privately and at the workplace (using the same device such as a smartphone), some organisations have not effectively established information security awareness programmes to protect their electronic information backbone. It is a fact that professional hackers are prowling constantly to gain access to systems of organisations and sometimes employees make naïve mistakes that can open the door to cyberattacks, which exploit vulnerabilities in the organisation’s system. The current Coronavirus Disease 2019 (COVID-19) crisis is a prime example where employees and students are encouraged to work from home. No organisation does have complete control over the security measures each employee has in place for his or her private connection. This study applied a desktop review to identify the cyber risks associated with social media use at the workplace. A scoping literature review gathered the data following a qualitative approach. The theories of reasoned action and deterrence were used as a theoretical foundation for the study. A model is proposed to enhance employee information security compliance when using social media at the workplace and demonstrates how awareness strategies can be employed to improve employee information security compliance. It is recommended that organisations implement methods to minimise social media risks to ensure that the integrity of information is preserved through these awareness programmes to employees.
Keywords
COVID-19 pandemic; cyberattacks; information security awareness; internal control; punitive measures; risk; social media; social media policy.
Metrics
Total abstract views: 4315Total article views: 4841