A US teenager has cost her father $80,000 with one Facebook update.

Patrick Snay had previously sued Gulliver Preparatory School in Florida for wrongful dismissal, winning a settlement of $80,000 plus a further $10,000 in back pay.

As part of the settlement Snay agreed to a confidentiality clause.

Unfortunately, he did not do so. Feeling sorry for his daughter, Dana, who had suffered “mental anguish” over his wrongful dismissal case, he promisedto use some of the settlement to treat her to a European holiday.

That was a big mistake.

Minutes after the offer, Dana took to Facebook, telling her friends that “Mama and Papa Snay won the case against Gulliver. Gulliver is now officially paying for my vacation to Europe this summer. SUCK IT.”

The school promptly learned of the social network posting and refused to pay Mr. Snay any of the previously agreed upon settlement amount on account of his breach of the secrecy agreement.

A further hearing which reversed the compensation payout heard how Dana Snay couldn’t “keep her mouth shut.”

Whoops!

A sad day indeed for the Snay family, no doubt, but there is a security message bubbling under the surface here:

In many ways I think the internet serves as a double-edged sword, offering opportunity and potential risk in almost equal quantities. Anyone, from the home user to the chairman of the board, can use the internet to learn, play, socialise and even make money. But for every advancement in the underlying technology, and every innovative new web site, there seems to be a correlation to the amount of risk posed by the same.

I’m not of course trying to suggest that the world wide web is such a hive of scum and villainy that you should immediately cancel your broadband connection but it is worth considering that, as our use of the net expands, so will the dangers.

It is for this reason that we see more attacks and other incidents being reported in the media. Right now the biggest issues would appear to be the threat of government spying and data breaches, such as the ones recently identified at Adobe, Target, Neiman Marcus, et al.

Such high profile incidents have, quite rightly, highlighted the need for a more robust security framework within many businesses. In fact, I would say that awareness of the biggest threats posed to companies is as high as I ever remember, though there is definitely much room for even more improvement to be made, both in terms of awareness and actual action.

The only drawback I see, however, is the fact that some companies may be tempted to focus all of their attention and resources on the top threats, perhaps at the cost of overlooking some of the lower level risks, such as those alluded to by the Snay case mentioned above.

So my point today is to highlight why an organisation needs to look at the whole picture when it comes to security. In a “look after the pennies and the pounds/Euros will look after themselves” kind of way I think that a business needs to implement security from the bottom up – instill a security culture at the bottom levels of the business and it will travel upwards. Educate the most valuable asset found in the majority of businesses – the staff – and you will generate a proactive security culture throughout the firm.

Create a security policy that clearly defines what is, and what isn’t, acceptable practice and you will minimise the risk of someone saying something they shouldn’t on social media sites. Get everyone within your organisation to buy into a security mindset and you should, at the least, ensure that confidentiality agreements are not broken by accident or through the engagement of anxious fingers before unthinking heads.