Quandary of Social Media Security

Monday, April 05, 2010

Mike Meikle

49afa3a1bba5280af6c4bf2fb5ea7669
I was recently asked a question regarding the top IT concerns for social media (Web 2.0) implementation plan.

Well, in my view information security is at the top.

Companies must consider that previously private data may be released onto the Internet. Also, applications like Facebook are rife with malware and phishers attempting social engineering.

Training people not to post sensitive data about themselves (birth dates, full addresses, corporate email, etc.) is crucial.

If the company wants to have a social media presence, then the people involved in the plan will need to have the training to understand what to post, what is acceptable use (no Facebook apps) and what not to post. 

The Internet is full of regrettable stories of CEO’s and high-ranking employees “saying” really stupid things that bite them on the backside almost immediately.

User requirements gathering will be paramount. What exactly does the corporation want to achieve with social media? This will drive what applications are to be used or developed for the purpose.

Of course once a company heads down the software development path you add a huge layer of complexity to the equation.

Using off the shelf applications (COTS) is usually the most cost effective.

Finally, standardization is key. If IT is going to support social media applications, the company must decide on what tools it will use and make that the standard.

If users are allowed to use non-supported applications, it will only lead to IT and user dissatisfaction/conflict and a needless increase in risk.

Now for some links to backup my pontification:
When it comes down to it, a wiki may be a better alternative for an “in-house” social platform. 

I’ve used Atlassian Confluence with some clients and it’s pretty decent with only a modicum of quirkiness.   Plus you can impress your colleagues with the cool product name if nothing else.
Possibly Related Articles:
11211
Enterprise Security Security Awareness Privacy
Privacy Browser Security Social Media
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.