Marines solidify ban on Facebook, Twitter
While military uses social networks, security concerns keep soldiers offline
Computerworld - The U.S. Marine Corps made it official this week: Social networking sites such as Facebook and Twitter are banned from military networks.
The new administrative directive issued Monday, doesn't change much. Marines have not been allowed to access sites like Facebook, MySpace or Twitter from military networks. The Marines have simply put an official stamp on the ban, while also laying out the steps to take for any Marine who wants to access a site as part of his or her job.
"These Internet sites in general are a proven haven for malicious actors and content and are particularly high risk due to information exposure, user generated content and targeting by adversaries," the directive noted. "The very nature of [social networking sites] creates a larger attack and exploitation window, exposes unnecessary information to adversaries and provides an easy conduit for information leakage ..."
The ban, however, is only for people using Marines' equipment and networks while they are working. Marines may still Twitter or post to Facebook on their own time and on their own computers.
The military isn't against using sites like Facebook and Twitter, said 1st Lt. Craig Thomas, a Pentagon-based spokesman for the Marine Corps.
The U.S. Central Command has a Facebook page, a channel on YouTube and a Twitter account to get out information regarding operations news. The Army is using MySpace to recruit new soldiers and the U.S. Forces Afghanistan page on Facebook has more than 24,000 fans.
"The Marine Corps has got to find a balance between security and letting Marines capitalize on the technology," Thomas said in an interview with Computerworld. "We don't want information leaks and we want to keep Marines focused on the mission at work and we wanted to save bandwidth. We're trying to find the fine line."
Thomas noted that 30 years ago, soldiers were warned about revealing too much information in letters home. Then 10 years ago, they were warned about how they used e-mail. Today, the focus is on social networks.
"You can't have someone posting, 'Hey, we're leaving on this date and at this time,'" he added. "Believe me, the enemy is checking out what you guys are reporting and what service men and women are saying online. The Marine Corps instills operational security. They need to be cognizant of what they're saying, whether verbally or what they're saying on social networking sites."
Ken van Wyk, principal consultant at KRvW Associates, said the Marines have several avenues of concern with social network use and they're probably right on track with most of them.
"If they're concerned about the platform -- whether Facebook itself is secure -- then their concerns should go far beyond just Facebook," van Wyk said. "Any site that permits active content into the user's browser runs the same risk. Facebook is just one of many."
But for the military to be concerned about soldiers posting mission critical information on Facebook or MySpace, then they're not thinking broadly enough, van Wyk said.
"If they're concerned about the content, like soldiers posting, 'Wow, having breakfast just outside of Fallujah today,' then Facebook is purely just a scapegoat," he added. "Information can be shared in many different ways. SMS texts, for example. E-mails to friends. Facebook and its ilk make that particularly easy, as well as tough for the Marines to control or even monitor, but someone who wants to share information is going to find a way."
Read more about Web Apps in Computerworld's Web Apps Topic Center.
- Best iPhone, iPad Business Apps for 2014
- 14 Tech Conventions You Should Attend in 2014
- 10 Desktop Apps to Power Your Windows PC
- How to Add New Job Skills Without Going Back to School
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Alert Logic for PCI DSS Compliance To achieve PCI DSS compliance, you must identify and remediate all critical vulnerabilities detected during PCI scans. Threat Manager streamlines this process by...
- Accelerating Network Convergence in Virtualized and Cloud Data Centers Adopting a converged networking strategy enables organizations to traffic server and storage I/O workloads on consolidated data throughput channels. Intelligent software helps optimize...
- How 10GbE Network is the Backbone of the Virtual Data Center The shift to a virtual data center has put tremendous strain on legacy networks; driving the need for more speed, lower latency, more...
- Live Webcast Best Practices for the Hyperconverged Enterprise Network To the Age of Constant Connectivity and Information overload
- Getting Ready for BlackBerry Enterprise Service 10.2 Find out how BlackBerry® Enterprise Service 10 helps organizations address the full spectrum of EMM challenges, while balancing the needs of both the...
- Containerization Options: How to Choose the Best DLP Solution for Your Organization This webcast outlines a framework for making the right choice when it comes to containerization approaches, along with the pros and cons of... All Networking White Papers | Webcasts