Businesses are making use of interactive social media for corporate (primarily marketing) purposes. While these applications are, at the moment, more projected than proven, it is undeniable that many enterprises are either openly examining social networking and so-called Web 2.0 technologies, or are facing covert use of these systems and technologies by rogue employees. Either way, employees need to find out about the concerns and security dangers related to such use before landing themselves, their family, friends and colleagues, and maybe even their employers, in trouble.
Humans are social animals. Social networking websites such as MySpace, Facebook and Twitter, plus associated network applications, provide a conduit for social interaction by individuals, for example keeping in touch with family and friends, making new acquaintances and friends, and often publishing details of their normally private and personal activities on the Interwebnet.
The primary information security risks relating to social networking and social media can be classed as social engineering - the deliberate manipulation of vulnerable people in order to gain control over the information assets they own or have access to, and the use of information so obtained to deceive or manipulate others. With systems and networks getting ever more complex, ordinary users are getting more and more remote from the underlying technologies, which opens them to new threats from hackers who know how to turn the technologies and processes to their advantage.
You can find out more about the information security risks associated with social networking in this month’s NoticeBored security awareness newsletter, and take a look at what's in store in the new awareness module here.