Social networking sites muddle security pros

Social networking sites muddle security pros

Tags:   Information Security Policies, Procedures and Guidelines  Security Awareness Training and Internal Threats  Web Application and Web 2.0 Threats

By Eric Ogren | Jul 2, 2009

The explosive growth in social networking has positioned many security teams solidly between a rock and a hard place. On the one hand, conscientious security executives cannot ignore the data loss and regulatory compliance risks to the corporation; on the other hand, security cannot politically survive by categorically objecting to other organizations innovative use of new business tools.

According to a recent Websense Inc. survey, the decision has already been made by the business units with 86% of IT respondents reporting pressure to allow more social networking in the business. The message resonates loud and clear to security: Resistance to advances in technology is futile; find secure ways that business can move forward.

More and more data is hosted outside of corporate data centers, with that data being accessed by end users via Internet protocols from within office buildings, personal computers at home, or anywhere/anytime mobile devices such as Apple iPhones. Enterprises are increasing investments in the use of social networking websites as a cost effective means of collaborating with prospects, customers, employees and partners. Facebook is hardly the sanctuary for the latest generation, as demographically its user base consists of professionals between ages 25 and 35. There is also the 1382% year-over-year growth rate in Twitter and the reported 152 million users watching 16.8 billion online videos on social networks that security has to contend with. Social networking is already ubiquitous and it is silly for IT to take a negative stand against these strong trends. But Twitter risks and Facebook threats are real. The best approach for security is to work with the business organizations to help make use of social websites as safe as possible while acknowledging that there are risks involved.

Educate employees and business partners on social networking risks. Web security training is a must. In many ways, the use of social websites follows the same common sense rules as using the telephone, showing business documents, or other settings that occur outside the confines of the office building. Security should be conducting regular communications on responsible handling of confidential data, the dangers of following suspicious links on social websites and make resources available if they have any questions or need help with recovery from a security incident. Employees should also know that in highly regulated industries, such as finance with stringent auditing requirements, violations of acceptable behavior policies may result in termination.

 
 
12

Similar

Related Articles

Add comment

Post a Comment

The content of this field is kept private and will not be shown publicly.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <a> <p> <span> <div> <h1> <h2> <h3> <h4> <h5> <h6> <img> <img /> <map> <area> <hr> <br> <br /> <ul> <ol> <li> <dl> <dt> <dd> <table> <tr> <td> <em> <b> <u> <i> <strong> <font> <del> <ins> <sub> <sup> <quote> <blockquote> <pre> <address> <code> <cite> <embed> <object> <strike> <caption>
  • Lines and paragraphs break automatically.
  • Use <!--pagebreak--> to create page breaks.

More information about formatting options

 

Similar

Related Articles

knowledge_central_tab

 
 
Knowledge Central
Today's top security priorities
Attacks based on vulnerabilities in websites are skyrocketing, and not many solutions are available to protect organizations against them. How do you deal with this and other key security issues today?
Taking a holistic business-centric approach to security
Today’s CIOs face multiple challenges, including the need to innovate in an extremely competitive business climate, address highly dynamic regulatory and compliance challenges, speed ROI to counter shrinking IT budgets, and secure their organizations against a wide barrage of sophisticated threats.
 
 
 
UTM product offers Logansport Savings Bank superior protection
Astaro Security Gateway’s IPS was able to block attacks that other intrusion prevention systems (IPS) missed at Logansport Savings Bank.
Hong Leong Financial opts for Juniper Networks at new Malaysia head office, data center
Hong Leong Financial Group Berhad builds complete and seamless data center and office network infrastructure with Juniper switches, security devices and Junos software.
 
 
 

Recent popular content

Most Read
Federal government may step in to ensure privacy protection
UTM product offers Logansport Savings Bank superior protection
Top 10 tips for protecting sensitive data from malicious insiders
Healthcare personnel insist on social networking access
Virtual patching makes an impact on RSA conference

Site map
Search Security Asia
About Us
Print/Digital Subscription
Sales
Feedback
Security Tips
Expert Opinions
Research
White Papers
Case Studies

Blogs
Topics
Application security
Disaster recovery and business continuity
Identity management and access control
Information security careers, training and certifications
Topics
Network and Internet Security
Security best practices
Security threats
Surveillance and facilities management
Media
Videos
Podcasts
Webcasts
News
RSS