Tweet this: Social network security is risky business
Panel discussions at RSA focus on a more social attack vector
Computerworld - SAN FRANCISCO -- Businesses are still trying to figure out what to make of social networking. The knee-jerk impulse at some companies is to ban its use because it's insecure and seen as unproductive, while at others it's viewed as, in fact, the way a lot of people now get work done.
The debate gets into familiar territory -- balancing business benefits versus risks -- and some that's not so familiar: Is a new generation in the workforce wired differently because of Facebook and Twitter?
"It starts way before college," said Gillian Hayes, a University of California at Irvine professor who took part in a panel at this week's RSA Security conference. "The emphasis is on 21st century skills, solving problems creatively; kids solve problems by mashing up bits and pieces."
Hayes' panel addressed "Lifestyle Hacking: Social Networks and Gen Y Meet Security and Privacy."
There's a growing generation gap between those who have grown up immersed in the Internet and those who think using social network sites is no more productive than spending work time surfing e-Bay, Amazon, ESPN.com, or, for that matter, porn and gambling sites. Companies often cite productivity, even more than security, as the prime reason for banning social networking.
"There are baby boomers like me who think the road to productivity is through single focus, one thing at a time, said Jim Routh, a consultant for Archer Technologies. "In reality, those brought up on the Internet are accustomed to using multiple media-rich environments productively. The older generation separates the work and the social, but the technology is so pervasive, there is no separation anymore."
Some companies are responding by allowing social networks for specific business initiatives, such as marketing and sales. Even then, however, people who were raised with technology often find ways to break through work-imposed barriers, tunneling through Web proxies or getting to Facebook using Google.
Not surprisingly, this puts security people in a tough place. They're under pressure from employees, business managers and, sometimes, upper management to find a way to bring social networking in securely. Even for security mangers who understand risk assessment in a world in which business is often powered by access to a global network, social networking is still risky business.
"We spent so many years locking things down," said Frank Waszmer, information security architect at Florida-based Health First. Waszmer was part of a panel discussing "How CIOs Protect Their Data in A Web 2.0 World."
"It took a long time to convince management to tighten things up," he said. "You have to make sure management is on board to the risk of opening up."
- Security execs express surprise over CISO's firing following RSA talk
- Security industry faces attacks it cannot stop
- Pennsylvania fires CISO over RSA talk
- Google attacks, Web 2.0 fuel FUD at RSA
- Analysis: Does the storm over cloud security mean opportunity?
- Microsoft's tax-for-hacks 'horrible' idea, say security experts
- FBI Director: Hackers have corrupted valuable data
- CISOs rain on cloud-computing parade at RSA
- FBI embeds cyber-investigators in Ukraine, Estonia
- Tweet this: Social network security is risky business
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Who's Spying on You? You're aware of the threats of malware to your business but what about the ever-changing ground rules? Cybercriminals today are launching attacks against...
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Mobile Applications Case Study: 8 Billion Transactions a Day The story documents how the online brokerage company tradeMONSTER created a custom mobile app and the success gleaned from this initiative. Also covered...
- Who's afraid of the big (data) bad wolf? Survive the big data storm by getting ahead of integration and governance functional requirements This paper provides a detailed review of the best practices clients should consider before embarking on their big data integration projects.
- Mobile Apps and Devices Slash Customer Cycle Time Consolidated Engineering Laboratories' field employees used to collect data on triplicate forms that were sometimes hard to read and difficult to manage. After...
- Cloud Knowledge Vault Learn how your organization can benefit from the scalability, flexibility, and performance that the cloud offers through the short videos and other resources... All Cybercrime and Hacking White Papers | Webcasts