This is a very well done article. I think that one of the best ways to mitigate some of these issues is for the company to produce a Social Media Best Practices Policy for its organization.
As a social media marketing firm, we advocate doing so for our clients. Some clients prefer a more loose policy, and others bring their legal department into the process. Either way, it's about people using good judgment and good 'ol common sense.
Sheryl Victor Levy
Savvy Strategy
http://www.SavvyStrategyOnline.com
Twitter: MktgMavn
Nicely done advisory with long lasting value and implications. The most valuable online read is CSO.
While all Seven Deadly Sins of Social Networking Security are powerful, #4, Believing he/she who dies with the most connections wins and #7 Endangering yourself and others both have major implications that should be fully understood. As a collection agent the damage from their acquisition of specific but "harmless" information is beyond one's imagination.
One will never know how their seemingly innocuous vital information is being used or can be used by trained criminals and foreign agents. Identity reconstruction is far more reaching and intrusive than the stolen and misused identity though admittedly a great nuisance.
The professional collection agent doesn't get caught that easily and usually the damage is so extreme that repair is virtually impossible. By way of example, a middle aged man, happily married with three children of college age got the scare of his life one evening. Instead of letting the” telemarketing call" ring during the family dinner, this person answered the phone and within 5 minutes his entire world had turned upside down. A debt collector on the other end was demanding payment for a BMW he had purchased and was now in default.
After 4 good years of satisfactory payments, the predator suddenly decided that he wanted a change of life and stopped making the auto loan payments. Upon further inquiry, the discovery was heart wrenching. Only one social security digit off from the person's true social security number, the predator reconstructed his own identity using personal information the victim put out there during his collegiate days never worrying about its dastardly utility. The rest of the nightmare is left to your imagination.
Thanks a lot for the reminders in your article. But I would like to share with you why Facebook and Twitter would be useful for people in some industry.
I work for an NGO on human rights issues in China. I have been using Facebook and Twitter to transmit information which my organisation and other NGO friends are concerned about. As the information we post on Facebook and Twitter are already public information and they are one of the best ways to transmit some information which can't be accessed by our friends in mainland China, thanks to the Chinese government's tight control of the internet access, we always get very positive comments from mainland Chinese friends for letting them know about some information, which they have no way to get. It's also quite user-friendly for the Facebook users to choose not to add or block some other users if they want to get any "intrusive" information.
For security concerns, we have already tried using other so-called more secure email services, such as gmail by logging in with the link https://mail.google.com by many internet security experts. However, many of our mainland Chinese always complain to us that their gmail accounts are hacked by the mainland Chinese government's internet security agents. So, how can we think of anything safe on the internet?
This is very true. I have friends who usually disclose everything in their lives. They sometimes endup talking about what is happening to their companies and organisation and this is not good for confidencial information of the company.
I think, its more of ignorance or trying to show off what one has acquired in the end jeopardising the organisations' integrity.
Seven Deadly Sins of Social Networking Security
To users of LinkedIn, Facebook, Myspace, Twitter or all of the above: Are you guilty of one of these security oversights?
» View Article
This is a very well done article. I think that one of the best ways to mitigate some of these issues is for the company to produce a Social Media Best Practices Policy for its organization.
As a social media marketing firm, we advocate doing so for our clients. Some clients prefer a more loose policy, and others bring their legal department into the process. Either way, it's about people using good judgment and good 'ol common sense.
Sheryl Victor Levy
Savvy Strategy
http://www.SavvyStrategyOnline.com
Twitter: MktgMavn
Nicely done advisory with long lasting value and implications. The most valuable online read is CSO.
While all Seven Deadly Sins of Social Networking Security are powerful, #4, Believing he/she who dies with the most connections wins and #7 Endangering yourself and others both have major implications that should be fully understood. As a collection agent the damage from their acquisition of specific but "harmless" information is beyond one's imagination.
One will never know how their seemingly innocuous vital information is being used or can be used by trained criminals and foreign agents. Identity reconstruction is far more reaching and intrusive than the stolen and misused identity though admittedly a great nuisance.
The professional collection agent doesn't get caught that easily and usually the damage is so extreme that repair is virtually impossible. By way of example, a middle aged man, happily married with three children of college age got the scare of his life one evening. Instead of letting the” telemarketing call" ring during the family dinner, this person answered the phone and within 5 minutes his entire world had turned upside down. A debt collector on the other end was demanding payment for a BMW he had purchased and was now in default.
After 4 good years of satisfactory payments, the predator suddenly decided that he wanted a change of life and stopped making the auto loan payments. Upon further inquiry, the discovery was heart wrenching. Only one social security digit off from the person's true social security number, the predator reconstructed his own identity using personal information the victim put out there during his collegiate days never worrying about its dastardly utility. The rest of the nightmare is left to your imagination.
Thanks a lot for the reminders in your article. But I would like to share with you why Facebook and Twitter would be useful for people in some industry.
I work for an NGO on human rights issues in China. I have been using Facebook and Twitter to transmit information which my organisation and other NGO friends are concerned about. As the information we post on Facebook and Twitter are already public information and they are one of the best ways to transmit some information which can't be accessed by our friends in mainland China, thanks to the Chinese government's tight control of the internet access, we always get very positive comments from mainland Chinese friends for letting them know about some information, which they have no way to get. It's also quite user-friendly for the Facebook users to choose not to add or block some other users if they want to get any "intrusive" information.
For security concerns, we have already tried using other so-called more secure email services, such as gmail by logging in with the link https://mail.google.com by many internet security experts. However, many of our mainland Chinese always complain to us that their gmail accounts are hacked by the mainland Chinese government's internet security agents. So, how can we think of anything safe on the internet?
Would like to hear your professional advice.
Thanks,
Patrick Poon
Hong Kong
This is very true. I have friends who usually disclose everything in their lives. They sometimes endup talking about what is happening to their companies and organisation and this is not good for confidencial information of the company.
I think, its more of ignorance or trying to show off what one has acquired in the end jeopardising the organisations' integrity.
The "Read the entire comment" links are broken, and there is no website feedback or contact link.
Dirty Tricks: Social Engineers' Favorite Pickup Lines
Tabletop Exercises: 3 Sample Scenarios
19 Ways to Build Physical Security Into Your Data Center
Get instant notifications when whitepapers, webcasts and case studies are added to our library. Sign up for a Resource Alert now!
CSO Corporate Partners
» More blogs
CSO Perspectives
Santa Clara, California
(ISC)2 members can earn up to 24 CPE Credits!
Trend Micro ranked #1 against real-world malware. Read more.
64-page prescriptive guide to security, compliance, and IT operations.
Removing Barriers To Better Server Virtualization Efficiency
Mining for Gold: Cybercrime Prevention and the Role of Log Management
The Executive Guide to Data Loss Prevention
Organizations can spend up to 50% more on compliance efforts than necessary.
White Paper: A Security Blueprint Delivered From within the Network
Read the RSA report: Security for Business Innovation
Upgrading to VMware vSphere with vWire
Explore the increasing importance of log management as cybercrime threats grow.
The Tripwire HIPAA Solution: Meeting the Security Standards Set Forth in Section 164
Implementing Best Practices for Web 2.0 Security
Five Ways to Reduce Your IT Audit Burden
THE IDG NETWORK