Hybrid commerce: Blurring the lines between business and pleasure

Next story

As we observed last week, many enterprises and small and medium businesses (SMBs) take advantage of solutions such as Slack, Zoom or Microsoft Teams for collaborative work. At the same time, these platforms are still trying to figure out better ways to create meaningful interactions between staff members.

Put differently, while organizations prioritize workflow, there’s also a growing need to reinforce social connections through a virtual company culture that enhances engagement and a feeling of belonging among workers, both with those who work remotely and those who work in hybrid mode. These virtual hallways are, in many ways, a much-needed replacement for in-between discussions that typically happen by the copier or in the office corridors.

“Social” past its peak?

In Q4 2021, well into the pandemic, Facebook saw its user numbers drop for the first time in 18 years – losing approximately half a million users. Though since rebounding, did this episode signal that traditional social media platforms are past their apex?

Since the internet went “social” on the wave of Web 2.0, around 2004, social networks started mimicking the everyday interactions of life: lists of friends with whom we could share photos, thoughts, and other multimedia content. But while in real life you can meet one group of friends one day and another the day after, on social media they were encouraged to mix. Suddenly, it became acceptable for work colleagues to send friend requests and, very quickly, it became awkward not to accept. Google tried to solve this by launching Google+, a social network that would divide the people you connect with into different circles, just like in real life. But the idea didn’t have much success.

Meanwhile, the internet got so used to Facebook that, by 2015, the platform had reached 1.44 billion users and acquired Instagram and WhatsApp. It quickly became the “new normal” for work colleagues to message each other about work during and after work hours, connecting employees in a way that never existed before. While this could be a positive – for example, enhancing company culture – it didn’t take long for employees to start discussing “the right to disconnect”; after all, no one wanted to receive texts about work at dinnertime or to share vacation pictures with their bosses. And in the office, managers didn’t want employees to lose time with social interactions. But it was too late.

Democratizing business tools

Simultaneously, people were also starting small businesses on Facebook, initially taking advantage of “buy and sell” groups and, from 2016, using the platform’s new Marketplace. Freelancers started using personal pages to promote their work, teachers shared class notes, and small bookshops promoted their new arrivals. Everything was possible without even having an official business account with pro features and complex analytics; it was anyone’s game.

By the end of 2020, it was already so common to do business via these social media platforms that Facebook launched the Facebook Business Suite app to allow small businesses to manage their content, messages, and analytics for Facebook and Instagram in one place. And since November 2022, all Facebook users can “repurpose” their personal profile into “professional mode”, a new capability designed to support new content creators by giving them access to analytics and monetization programs, including the possibility of receiving money directly from fans.

Work trickling into our social lives

Running a successful business may demand an “always on” status, but to be “always on” is more than just sitting at your PC in the office. Clearly our work is no longer confined there. Our work is in our pockets, on our phones, and just next to our personal pictures. This concentration of data, data processing and creation tools (your camera included), and communication tools, all in one, is a big shift in how we organize our lives. Any app developer worth their salt knows this.

Telegram, a cloud-based instant messaging service with over 700 million active users worldwide and with apps for all devices, is also becoming an increasingly capable mobile workspace. The app allows for the creation of groups and channels (like on Slack or Teams), file sharing up to 4GB, and folders that prompt users to use their existing accounts to create a dedicated space just for workflow, right there between the family and gaming chats. It persistently pings users with notifications from work, even during a vacation, if not turned off.

Even if some users benefit from the nascent legislation on the right to disconnect, everyone is affected by the data policies of their favored cloud-provided service. While this should be a concern for both personal and work data, at minimum, companies should use apps that encrypt data and collect only minimal data, and preferably use apps that store all messages and media locally on the user’s device.

In parallel, there are a host of other messaging apps being repurposed for business that several million people use: dating apps. Surprisingly, these too are used for professional networking, finding new clients, hiring, and job hunting. In 2020, at the start of the pandemic, the dating app Bumble created the “Community Grants” profile, which looks just like a regular user’s profile. By swiping right on it, users are matched and requested to nominate a local SMB in need of financial support due to the lockdowns. Bumble pledges to choose 200 businesses and award them up to a USD$5,000 grant. While its primary focus is dating, Bumble also offers a Bizz mode that facilitates meetings between professionals.

The risks of mixing professional and personal lives

Mixing business with your social life is a growing trend. Tinder, for example, offers the possibility to run ads, and many freelancers and SMB owners take advantage of their personal profiles to get new customers to swipe right. If a customer becomes a date, even better! Being an entrepreneur seems to be a trending characteristic. According to a Shopify survey published last year, from April 2020 to July 2021, Tinder registered a 25% increase in mentions of users’ entrepreneurial experiences in their bios, which seems to be a characteristic appreciated by 71% of the app’s users.


While these apps do not allow commercial activities, a conversation with someone self-described as a gym addict can easily lead to being sold a personal trainer service; a wine exporter can try to sell a few bottles; a coffee shop owner will be thrilled to connect with someone over a coffee.

But while this could be seen as a creative solution, it can create real problems. Blurring use cases for apps across the personal and professional can have serious consequences. Falling for a phishing scam on WhatsApp can prompt the download of malware that steals both personal and work messages. Dating app scammers and criminals might abuse someone’s aim to network and sell in order to acquire information about a business. Even in an office environment, sharing information online that is intended for friends but that colleagues might access – such as pictures on Facebook or your presence on mobile apps such as Grindr or Happn – might end up with unwanted attention or be used for stalking, doxing or professional gain.

But there’s more. Just recently, Meta disciplined or fired more than two dozen workers for allegedly misusing internal systems to hijack users’ accounts, in some cases in exchange for thousands of dollars. While this might not be a widespread problem, nothing guarantees that this is not happening at other companies. And even if the target might be a personal account, work details exchanged using that account is icing on the cake once in criminal hands.

Indeed, some employees might be more interesting targets than others, depending on how much data they have access to. And that can be an important factor when imposing more restrictive measures on staff with higher exposure. But this can also be misleading, as every employee in a company is connected, and it might be easier to steal information from someone who is not perceived as an obvious target.

Cybersecurity for the hybrid workplace: The hybrid workplace: What does it mean for cybersecurity? Protecting the hybrid workplace through Zero Trust security Tackling the insider threat to the new hybrid workplace Why cloud security is the key to unlocking value from hybrid working Examining threats to device security in the hybrid workplace


Back to that overlap between professional and personal. As we go through cultural changes around how we communicate, work, and live, we can’t ignore how our online and offline lives have merged, creating new risks that must be avoided by establishing clear rules.

If businesses expect employees to be available anytime, they must be prepared to end Bring Your Own Device policies to ensure a clear division between personal and private life. This means giving employees dedicated work devices – not just laptops, but smartphones as well. Companies need to ensure that both they and their employees know the consequences of using the same device for both work and private life.

Other priorities stand out, too. Companies should stop providing configuration profiles that employees can install on their personal iOS devices to access their work email and other work platforms. On top of this, it is essential to implement clear password rules to discourage employees from using the same password for personal and work accounts and require multifactor authentication.

The future is full of amazing technologies, collaboration tools, and more humanized online social experiences, but they will continue to blur the thin line that divides different spheres of life.

This article is an adapted version of the corresponding section from our Cybersecurity Trends 2023 report. Indeed, why not give the full report a read?

Cybersecurity Trends 2023: Securing our hybrid lives

About ESET
For more than 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint and mobile security, to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give consumers and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real-time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D centers worldwide, ESET becomes the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003. For more information visit ΕSET Hellas or follow us on Facebook, Twitter and LinkedIn.