When things go wrong with a product or service, we check on the vendor’s website or manuals for help. If we need to know about upcoming news or events, we look at press releases or a blog by a particular company. If the concern is a security and privacy matter, we expect announcements or advice (advanced notice or response) from vendors via their websites or blogs.When a security issue is associated with a company or business’s product or service it is important that it be addressed or responded to–by the companies or its representatives–whether it is published as a press release, on the company’s main website or in a blog. Several companies use blogs as a method to announced new products, events and concerns about their products, and below are some of these companies:
Examples of companies that use a blog service:
- Windows team blog, MSDN or TechNet blogs.
- Google Mail blog, Google Online security blog or Chrome blog at BlogSpot.
- Mozilla blog
- CISCO blog
- Dell Community blog
Blogging is quite popular because people can retrieve blog entries posted by a company using a standalone RSS aggregator, e-mail client or browser. It is similar to creating or publishing press releases that reach customers and readers. However, corporate blogging may pose issues or concerns.
What Are the Corporate Blog Security Issues?
Below are some of the concerns that a company using a blog service or software should attend:
Accuracy - Any information that was posted in a company blog represents the company’s stand on the issue. If the blog content contains wrong information about their product or service, it can be embarrassing to existing and potential customers, partners and readers. Before allowing a company representative or a guest blogger to publish an item using a corporate blog, it is important that the information is well coordinated with the team that is involved with the product or service. A person that represents your company and blogs with wrong information can affect a brand’s reputation and recognition.
Privacy – Some blog software or service requires the readers to post a comment on a blog entry. There are blog services and software that require readers to enter the email address, name or location before they can post. It’s recommended to use a blog service that does not sell or share the personal data by readers to a third party without their consent. A link to terms of service should be visible and kept up-to-date if the blog software or service made any changes on the information they’ve gathered by using the service.
Security – When a company starts using a blog, the location where the blog is hosted is a concern. Hosting the blog in the same location where the business data is located is a big concern. Wrong permissions in the blog software or domain and sub-domain settings can put sensitive information at risk. It’s best to use a third-party hosting service to ensure that your business data is not located at the same place where the blog is hosted. If the requirement is to use blog software that the company will host, the administration settings should be reviewed all the time to prevent leakage or theft of customer and business data. Another concern occurs when adding third-party advertisements (e.g. AdSense) that are not controlled by the blog or website administrator that may infect the reader’s computer.
If you already have a company blog and plans to start blogging, it is important to take note of the above-mentioned company blog security issues so that the company name or service and data of customers or readers will not be at risk. Hackers can find their way to using your blog to post as you or company, if the blog software or service is not secure. Make sure that the blog software and servers are fully up-to-date on product and security fixes to prevent known attacks. A third-party blogging service may not be 100% secure and safe, but it helps protecting customer and business data, which should be the primary concern of a company.
Image credit: Blog logo by CoPress.