Tweet this: Social network security is risky business
Panel discussions at RSA focus on a more social attack vector
Computerworld - SAN FRANCISCO -- Businesses are still trying to figure out what to make of social networking. The knee-jerk impulse at some companies is to ban its use because it's insecure and seen as unproductive, while at others it's viewed as, in fact, the way a lot of people now get work done.
The debate gets into familiar territory -- balancing business benefits versus risks -- and some that's not so familiar: Is a new generation in the workforce wired differently because of Facebook and Twitter?
"It starts way before college," said Gillian Hayes, a University of California at Irvine professor who took part in a panel at this week's RSA Security conference. "The emphasis is on 21st century skills, solving problems creatively; kids solve problems by mashing up bits and pieces."
Hayes' panel addressed "Lifestyle Hacking: Social Networks and Gen Y Meet Security and Privacy."
There's a growing generation gap between those who have grown up immersed in the Internet and those who think using social network sites is no more productive than spending work time surfing e-Bay, Amazon, ESPN.com, or, for that matter, porn and gambling sites. Companies often cite productivity, even more than security, as the prime reason for banning social networking.
"There are baby boomers like me who think the road to productivity is through single focus, one thing at a time, said Jim Routh, a consultant for Archer Technologies. "In reality, those brought up on the Internet are accustomed to using multiple media-rich environments productively. The older generation separates the work and the social, but the technology is so pervasive, there is no separation anymore."
Some companies are responding by allowing social networks for specific business initiatives, such as marketing and sales. Even then, however, people who were raised with technology often find ways to break through work-imposed barriers, tunneling through Web proxies or getting to Facebook using Google.
Not surprisingly, this puts security people in a tough place. They're under pressure from employees, business managers and, sometimes, upper management to find a way to bring social networking in securely. Even for security mangers who understand risk assessment in a world in which business is often powered by access to a global network, social networking is still risky business.
"We spent so many years locking things down," said Frank Waszmer, information security architect at Florida-based Health First. Waszmer was part of a panel discussing "How CIOs Protect Their Data in A Web 2.0 World."
"It took a long time to convince management to tighten things up," he said. "You have to make sure management is on board to the risk of opening up."
- Security execs express surprise over CISO's firing following RSA talk
- Security industry faces attacks it cannot stop
- Pennsylvania fires CISO over RSA talk
- Google attacks, Web 2.0 fuel FUD at RSA
- Analysis: Does the storm over cloud security mean opportunity?
- Microsoft's tax-for-hacks 'horrible' idea, say security experts
- FBI Director: Hackers have corrupted valuable data
- CISOs rain on cloud-computing parade at RSA
- FBI embeds cyber-investigators in Ukraine, Estonia
- Tweet this: Social network security is risky business
- Single-Vendor Security Ecosystems Offer Concrete Benefits Over Point Solutions IT security decision-makers from companies with 100 to 5,000 employees evaluates the current endpoint security solution market based on Forrester's own market data,...
- Case Study: Intuit Turns to Self-Service IT Intuit empowered its users to resolve their own IT issues with a consumer-like experience to free IT to focus on more strategic initiatives....
- Automation for a Better Tomorrow Check out the five most common annoyances facing enterprise IT service desks today, and how automation can resolve all of them. Download the...
- Beyond the Enterprise App Store Leverage proactive, secure and automated IT Service delivery to move beyond the traditional App Store and empower your users. Read the white paper...
- Business-driven data protection Setting up data protection infrastructures with your organizations' core mission or business in mind is key. In this webinar, the ARCserve team will...
- On-Demand Webinar: Mind the Gap! Watch the webinar featuring Bob Janssen, CTO and Co-Founder of RES Software, to start building a solid foundation for business and IT to... All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!