Online social networking (OSN) is a global phenomenon and its use by employees has been reported to be detrimental to organizations. Nevertheless, OSN impacts on organizational information security are rarely discussed in academic literature. This study investigates the use of OSN sites by employees and work-related information disclosed on their personal pages that may jeopardize the security of organizational information. The paper presents the characteristics of work-related information that can be disclosed on Facebook, possibly has the potential to open the doorway for information security threats. It also discusses the qualitative findings from four Malaysian-based organizations under study. Across these four organizations, 22 employees who were active users of Facebook were interviewed to obtain their OSN experience, to explore information they disclosed online and the underlying reasons for doing so. The findings will facilitate our recommendation for organizations to minimize this issue by understanding the behavioural facets of information security.
Nuha, Nurul and Molok, Abdul, "Disclosure of Organizational Information by Employees on Facebook: Looking at the Potential for Information Security Risks" (2011). ACIS 2011 Proceedings. 78.