What are the dangers of using Facebook, other social networking sites?

What are the dangers of using Facebook, other social networking sites?

Should we allow our staff to use social networking sites? Some people say they are dangerous but I can't see how. Can you explain the dangers of using Facebook and other social networking sites?

There's nothing wrong with using Facebook, other than the potential impact on working time, but that's not a security matter! The issue is in how your staff configures Facebook, and what information they place on it.

A few tips to pass on to your staff on the dangers of using Facebook:

    Requires Free Membership to View

    Login

    SearchSecurity.co.UK members gain immediate and unlimited access to breaking UK industry news, virus alerts, new hacker threats, highly focused security newsletters, and more -- all at no cost. Join me on SearchSecurity.co.UK today!

    Michael S. Mimoso, Editorial Director

    By submitting your registration information to SearchSecurity.co.uk you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchSecurity.co.uk is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

  • Don't allow anyone that isn't part of your network of 'friends' to see your profile.

  • Don't allow non-friends to see your friends. Why? I could easily impersonate one of your friends, fake a new profile, and send you an invite. You accept, thinking a genuine friend has created a new profile, then I'm in your network of friends and can see your profile.

  • Think about what information is in your profile. What would be useful in stealing your identity? Date of birth, address, email address, employer, interests. why does this type of information need to be on your profile? Everyone that knows you is likely to know this information already! Those who don't know you don't need to know it.

  • The two main dangers of Facebook are that an identity fraudster could steal your identity, or a hacker could compromise your business by compromising one of your staff. This might be achieved by coercion (dodgy photos of work nights out?) or by using the information they disclose to set up a compromise of their laptop or PC.

    One word of advice for the employer -- if you do allow Facebook access at work, block Facebook email using mail filters. At least then you don't have the problem of staff using work email addresses for Facebook. This simple step will then prevent the hacker from making the link between the user and the company they work for.

    • This was first published in April 2008