RSA Europe: Organisations should ban social networking says Ira Winkler

“Don’t be afraid to ban social media, perhaps making the occasional exception for someone who has a business reason. People won’t decline a job because they can’t use Facebook, and they won’t leave the company for that reason either – the job market isn’t that good”, he said. “It’s not just about security – social networking sites are time killers and affect productivity”.

If an organisation does choose to allow employee access to social networking, “they need a policy which covers all social media sites. It’s about operational security – not being big brother. Companies can’t just ignore this – it is a big problem”, he insisted.

The social networking site which seems to have earned the brunt of Winker’s anger is Facebook. “It embodies everything that is wrong with all of the other social networking sites”. Twitter didn’t get away lightly either, with Winkler describing it as “the ultimate level of vanity”.

Winkler’s biggest concern with social networking sites is the ‘over-sharers’. “People are being stupid at the speed of light. These messages are going out in real time, to the real world, and often there are consequences for other people and employers. Blogs and this new open, sharing society means that privacy is becoming a non-issue for these people”, he continued. “People gradually reveal more and more information until they are de-sensitised”.

More worrying, he spoke of the new trend of geo-locating yourself via FourSquare and Google Lattitude. “The least I can do is rob your house if I know where you are”, he said. “People want to give away the most sensitive information about themselves – just look at Blippy”.

Outside of work hours, employees can use social networking sites to distribute equally sensitive information about their employer, Winkler said. “Companies are afraid to comment on employees’ ‘out of hours’ behaviour – they are afraid to be Big Brother and work under the guidelines that ‘If it’s not porn, it’s OK’”.

In this situation, he argued, “the stupid employer is more stupid than the over-sharing employees”. His advice? “Employees need to think about the business implications of what they post. Little consequential things can become big political issues. And for the employer – a business won’t fail because of who they hire, it will fail because of who they fail to fire”.


What’s Hot on Infosecurity Magazine?