Welcome to the SecAware blog

I spy with my beady eye ...

28 Oct 2009

New NB module on social networking

Social networking has become extremely popular of late and is getting lots of coverage on new and traditional news media. Given the fact that a great deal of network/Internet use and applications have traditionally been social in nature, this is hardly surprising: what is more surprising is that the media and technology pundits seem to feel that we need to have a special term for it. Like most Internet and IT developments, it’s more evolution than revolution, and in fact more hype than substance in many cases.

Businesses are making use of interactive social media for corporate (primarily marketing) purposes. While these applications are, at the moment, more projected than proven, it is undeniable that many enterprises are either openly examining social networking and so-called Web 2.0 technologies, or are facing covert use of these systems and technologies by rogue employees. Either way, employees need to find out about the concerns and security dangers related to such use before landing themselves, their family, friends and colleagues, and maybe even their employers, in trouble.

Humans are social animals. Social networking websites such as MySpace, Facebook and Twitter, plus associated network applications, provide a conduit for social interaction by individuals, for example keeping in touch with family and friends, making new acquaintances and friends, and often publishing details of their normally private and personal activities on the Interwebnet.

The primary information security risks relating to social networking and social media can be classed as social engineering - the deliberate manipulation of vulnerable people in order to gain control over the information assets they own or have access to, and the use of information so obtained to deceive or manipulate others. With systems and networks getting ever more complex, ordinary users are getting more and more remote from the underlying technologies, which opens them to new threats from hackers who know how to turn the technologies and processes to their advantage.

You can find out more about the information security risks associated with social networking in this month’s NoticeBored security awareness newsletter, and take a look at what's in store in the new awareness module here.

No comments:

Post a Comment