Facebook logo stuck in the sand on the beach.
PHOTO: mkhmarketing

Facebook’s first user conference featuring its enterprise collaboration tool, Workplace by Facebook, was by all accounts a success. There were a bunch of announcements, including a number of needed additions to the app, and lots of talk about the role of Workplace in a collaboration space dominated by Microsoft Teams, Slack and G Suite. There was, however, a major cloud hanging over the conference. That cloud, of course, was the “security issue” that Facebook had to deal with at the end of September.

At the time of the incident, not many details were released, but it became clear very quickly that it was a major breach. In fact, new details, which Facebook released last week, revealed that the company was forced to log out 90 million users last month and that the incident directly affected 29 million people on the social network.

Vulnerable Facebook Probe

A post by Guy Rosen, vice president of product management at Facebook explained what happened. He wrote that attackers exploited a vulnerability in Facebook’s code that existed between July 2017 and September 2018. The vulnerability was the result of a complex interaction of three distinct software bugs and it impacted “View As,” a feature that lets people see what their own profile looks like to someone else.

Using these vulnerabilities, it enabled attackers to steal Facebook access tokens, which they could then use to take over people’s accounts. Access tokens are the equivalent of digital keys that keep people logged in to Facebook so they do not need to re-enter their password every time they use the app.

The result is that for 15 million people out of the 29 million impacted, attackers accessed two sets of information — name and contact details (phone number, email, or both, depending on what people had on their profiles). For 14 million people, the attackers accessed the same two sets of information, as well as other details people had on their profiles. This included username, gender, locale/language, relationship status, religion, hometown, self-reported current city, birth date, device types used to access Facebook, education, work, the last 10 places they checked into or were tagged in, website  as well as people or Pages they follow.

Rosen was very clear about what products were affected. The attack did not include Messenger, Messenger Kids, Instagram, WhatsApp, Oculus, Pages, payments, third-party apps, advertising and more importantly Workplace.

However, the reputational damage is huge especially given that Facebook is pushing hard to build traction for Workplace in an extremely competitive space. Any kind of question mark over data security and privacy is a problem. So, having said all that, does Facebook still have a place in the enterprise?

Related Article: Forrester's Top 10 Picks for Social Media Management Tools and Software

Is Facebook’s Role Tainted?

Despite this recent breach it would seem the answer is yes, enterprises are still willing to use Workplace for digital marketing strategies. However, James Pollard, owner of the TheAdvisorCoach.com marketing consultancy says that it would be naive to think that things are the same (or even improving) as more and more consumers are turning away from Facebook because they're concerned about their security, tired of the platform or just have other reasons for tuning out. “My view is that you should continue to use a marketing strategy until it is no longer profitable. Even though Facebook ad costs have been rising in the past two years, there are some advertisers who are consistently profitable,” he said. “They should keep using Facebook. Still, they should understand that Facebook's recent hacks will only make things worse and [they need to] plan accordingly.” Whatever you do, he warned, do not depend on Facebook as your sole marketing strategy.

This will probably come as a relief to Facebook given the investment it has made in making Facebook a top digital marketing tool. Only last week at Flow it announced that its twin video chat devices, Portal and Portal+, will be available in November. The devices use artificial intelligence (AI) to create a more interactive, realistic chat experience that reacts to callers’ movements by automatically panning in and zooming out, and adjusting sound levels. The Portals also include Amazon’s voice-controlled Alexa.

Are Social Networks Worth The Effort?

Steve Mindrup, CCSK and ISO lead of Tampa, Fla.-based Schellman & Company, an independent security and privacy compliance assessor, said that the problems simply highlight concerns that already existed. This is something we have come to expect on the popular social network, he said. “We find ourselves asking, yet again, is it worth the trouble?”

He said when it comes to using the platform in the enterprise for your business marketing strategy, Facebook still has a place, for now. When Facebook first launched it's IPO in 2012 the initial changes made to favor advertisers were a nuisance to users, but over time proved to be an extremely valuable tool in understanding behavior and targeting ad spend to a very specific demographic, if desired. “However, organizations have to start looking objectively at the future of the platform and ask what's next,” he said. “With issues like these and fake likes/followers still muddying the waters of engagement analytics, not to mention the younger demographic being lost to alternative platforms like Instagram, Snapchat, and others where the clutter associated to Facebook feeds have not yet arrived and where genuine content can be king again.”

He pointed out that given the sheer breadth of the platform's user base — it cannot be completely abandoned, but “the good 'ol days” are now behind us. “There is light at the end of this tunnel — the competition and industry that is emerging when it comes to targeted and social advertising. The future is bright and hopefully, lessons will be learned,” he added.

Related Article: 8 Ways to Justify Your Social Media Marketing Program

Workers Stay Engaged

In practical terms there does not appear to have been a slowdown in use, although these kind of issues take months, even years before the full impact can be determined. On a day-to-day basis, though, Carol Archebelle, digital media manager of the Foundations Wellness Center in Port St. Lucie in Fla., which uses Facebook for marketing, said the impact so far has been small. “We haven't seen any less engagement or slowdown in the growth of our follower base since the attack. It seems to be something that is on people's radar, but hasn't changed their Facebook habits much,” she said.

She drew a parallel to an incident in July where a number of gas pumps in Florida were found to have illegal card skimmers. Thieves were using them to steal account numbers and commit fraud. Folks didn't stop pumping gas, they just used a credit card or cash instead of a debit card to protect themselves from fraud.

“Facebook,” she said, is like any other medium and subject to occasional scams. Most people realize this, and take precautions, but don't quit using the medium itself. Facebook is a part of the culture, it's firmly ingrained at this point, and it remains critical to our marketing strategy. It's word of mouth marketing, times a hundred.”