Infosecurity Europe: Business social networkers can “learn a lot from kids”

29 April 2009

Chris Boyd, director of malware research at FaceTime Security Labs, warned against the dangers of social networking at the talk ‘Social networking pirates: Batten down the hatches, Cap’n Jack is coming’ at Infosecurity Europe.

Boyd noted the rise of business-focused Web 2.0 sites such as Present.ly, LinkedIn and Yammer, observing that with such sites “You’re encouraged to tell everything about yourself…You’re encouraged to tell the world about your company.”

Boyd said the popularity of such sites among employees meant that businesses were “walking into uncharted territory” and pointed out the danger that “a social engineer can quickly ascertain who you work with.”

He added that “Most MySpace profiles are set to ‘private’ – we could learn a lot from these kids.”

Boyd gave several tips for moderating social networking within an organisation and mitigating hacks.

-    Put someone in charge of social networking in the workplace.
-    Enforce a set of rules with regard to what not to put on sites like Yammer.
-    Keep real-world friends and associates out of your top friends on social networking sites.
-    Avoid the ‘life story on LinkedIn’ approach.
-    Delete old Twitter messages.

Commenting on the last point, Boyd said “There are so many random messages, you can, over time, build a complete picture of who this person is.”

If messages are deleted, it’s “a lot harder for someone to mine the ‘stream-of-consciousness’ data” for information.