Should your company fear social networks?
Comments
Ron - Ah, to share or not to share, that is the question!
Or is it?
As a "former paranoid security guy" (was on the board for the SANS GSEC certificate, and card-carrying security guy), I have to say that it's certainly worth a bit of thought, and in laying down some "guard rails" for employees to consider.
Outright banning of access never works - it is far too easy to circumvent security controls, particularly when most "2.0" offerings have access from a variety of devices, APIs, etc. such as cell phones, which are nearly impossible to "secure" against such a "threat" as Twitter.
On the other hand should your employees all live (and work) on the social networks, without restriction? Probably not.
Balancing out the benefits, and taking a real look at the downsides of sharing too much information is a real conversation that should be had. It's not "yes, you're allowed, go crazy" or "you are completely barred, untrustworthy worker droid" - but a real conversation as to what the pros and cons are, from a BUSINESS standpoint before the SECURITY discussion comes into play.
What people need to keep in mind is that while SOME hackers are breaking into systems via flaws/bugs/holes, far more are simply walking right in the door with keys that employees have handed them, unknowingly.
For example, when people choose their own passwords, with no guidance on making them difficult/impossible to guess, their defaults are likely to be:
A pet's name
A family member's name
Their own name - backwards or forwards
Their favorite band, movie, etc.
And where would you find that information, as a potential "hacker?" That's right, on social networks.
Of course the solution is not to ban access to social networks - it's to educate employees, and prevent them from making choices for their passwords that would be easy to guess or simply steal from information provided out in the open.
Participation in the social world doesn't have to be all or nothing - but it's wise to be informed before making extreme decisions.
To network, or not to network? Yes.
See some of my analysis and history in social networking, which stretches back to 2002, at:
www.slideshare.net/dan.keldsen/build-smarter-internal-and-external-communities
It's been an interesting ride thus far, and we still haven't seen what's really possible. Shutting off access to social networks may be one of the worst possible moves, particularly in this economy.
Dan Keldsen
Co-founder and Principal
Information Architected
www.informationarchitected.com/services/collaboration/
I don't know that people share every aspect of their lives on social networks and you would need to really be listening to get a password. What's more, even if you did, chances are if you are so worried about security, your in-house security team is going to require more stringent security measures such as frequently changing your password. It could give a really obsessed person who pays extremely close attention access to the person's personal password, assuming they always use the same one, but that wouldn't do the hacker any good on a company system where one would assume they were forcing you to use a more stringent password system of a minimum length combination of letters and numbers and so forth. I'm just not buying this as a serious threat, Dan.






