Product Family


Disgruntled customers and employees have substantial power in the world of social media. A number of companies have recently found themselves ‘cleaning up’ from viral mishaps -- from clothing companies promoting sales during Superstorm Sandy to an appliance company’s accidental political tweet from an employee on the corporate Twitter account. News, opinions and any comment can travel like wildfire online. And all the “Likes” in the world, can’t overcome a blunder in the social media world. Reputations are at stake.

For many businesses, social media offers unbelievable opportunities to regularly interact with customers, strengthen relationships and reach new markets to name a few. As more businesses build a social media presence, however, they may find themselves exposed to reputational attacks, hackers, privacy breaches, and a host of other online concerns. Like most good opportunities, it becomes a matter of managing the risks to reap the benefits that social media offers.

Increased vulnerability

Businesses strive to get information about their products and services out to their customers. But no business wants misinformation, rumors, or proprietary information spreading at high speed across social networks. Whether employee or customer information gets into the wrong hands or an employee innocently shares corporate information in a status update, social media is presenting a growing number of challenges to businesses.

The most common risks that social media tools present for corporations include: – Viruses and malware: Acquired from use of social networking sites, they can result in data leakage, theft, service disruptions and more. Fortunately, antivirus and anti-malware controls can be installed and updated daily. – Lack of control over corporate content: Employees, competitors, and even customers can post wrong or improper information on social media sites. That’s why it is important to establish clear social media policies within a company to outline what can and cannot be shared and monitor a company’s online presence continuously. – Brand hijacking, such as a brand being impersonated on Twitter, Facebook or other social site. In one recent example, a pharmaceutical spam campaign promoting a supposedly "Google-accredited" online pharmacy, essentially hijacking Google’s brand for their benefit. – Unrealistic Internet-speed, customer service expectations: Social media allows us to send information quickly and it may also build a customer expectation that a company response or service will be delivered as quickly. Therefore, it is important that companies ready themselves to handle the business generated by a bigger social media presence and manage how quickly they will be able to respond. – Mismanagement of electronic communications: Because of retention regulations or e-discovery requirements, many businesses must keep track and hang on to a variety of communications When dealing with social media, they need to establish policies and processes that ensure all communications are tracked and properly archived to avoid regulatory sanction, fine or legal action.

Striking a Balance

Some of the biggest social media challenges being faced by corporations are the use of social media by employees both on and off the job. Many companies have established policies about communicating work related information and social media use during work hours, but what about employees’ social media use on their own personal time? Could an employee’s comments about her supervisor on Facebook damage a company’s brand?

Employees may also harm the business and its brand though simple association, uploading inappropriate comments or other content in their personal lives that is perceived to reflect on the company.

Online exposure is no different than print or oral communications when it comes to employee privacy rights. For protection against privacy and libel risks companies are opting for added insurance protection that includes protection for media liability because they are now participants in online activities, which, carries the same liabilities as traditional media. Additionally, companies are looking at their social media strategy to assure that it recognizes legitimate rights of employees, and then to train all employees appropriately about the policy.

Establishing a collective understanding

Part of the risk management strategy must focus on developing a collective understanding of the nature of informational and reputational risk -- and gain employee support to help identify, manage and control that risk. Privacy policies need to be tailored to each company and allow employees to utilize the value that social networks bring and provide the guidelines that participation brings as well.

Implementation of the appropriate security tools, technology, training, employee policies and insurance coverage is critical in social media risk management. Companies that learn to blend the latest security and privacy controls and build a corporate culture of risk awareness and respect have the greatest chance in finding a middle ground and skillfully balance the risks and rewards of social media.

Scott Schleicher is vice president and cyber risk product manager and Steve Anderson is vice president and senior underwriter in XL Group's Select Professional business.   

To contact the author of this story, please complete the below form

Invalid First Name
Invalid Last Name
Country is required
Invalid email
Invalid Captcha

Global Asset Protection Services, LLC, and its affiliates (“AXA XL Risk Consulting”) provides risk assessment reports and other loss prevention services, as requested. In this respect, our property loss prevention publications, services, and surveys do not address life safety or third party liability issues. This document shall not be construed as indicating the existence or availability under any policy of coverage for any particular type of loss or damage. The provision of any service does not imply that every possible hazard has been identified at a facility or that no other hazards exist. AXA XL Risk Consulting does not assume, and shall have no liability for the control, correction, continuation or modification of any existing conditions or operations. We specifically disclaim any warranty or representation that compliance with any advice or recommendation in any document or other communication will make a facility or operation safe or healthful, or put it in compliance with any standard, code, law, rule or regulation. Save where expressly agreed in writing, AXA XL Risk Consulting and its related and affiliated companies disclaim all liability for loss or damage suffered by any party arising out of or in connection with our services, including indirect or consequential loss or damage, howsoever arising. Any party who chooses to rely in any way on the contents of this document does so at their own risk.

US- and Canada-Issued Insurance Policies

In the US, the AXA XL insurance companies are: AXA Insurance Company, Catlin Insurance Company, Inc., Greenwich Insurance Company, Indian Harbor Insurance Company, XL Insurance America, Inc., XL Specialty Insurance Company and T.H.E. Insurance Company. In Canada, coverages are underwritten by XL Specialty Insurance Company - Canadian Branch and AXA Insurance Company - Canadian branch. Coverages may also be underwritten by Lloyd’s Syndicate #2003. Coverages underwritten by Lloyd’s Syndicate #2003 are placed on behalf of the member of Syndicate #2003 by Catlin Canada Inc. Lloyd’s ratings are independent of AXA XL.
US domiciled insurance policies can be written by the following AXA XL surplus lines insurers: XL Catlin Insurance Company UK Limited, Syndicates managed by Catlin Underwriting Agencies Limited and Indian Harbor Insurance Company. Enquires from US residents should be directed to a local insurance agent or broker permitted to write business in the relevant state.