Home > Ask the Information Security Experts > Compliance standards and regulations Questions & Answers > What are the dangers of using social networking sites?
Ask The Security UK Expert: Questions & Answers
EMAIL THIS

What are the dangers of using social networking sites?

>
QUESTION:
Should we allow our staff to use social networking sites? Some people say they are dangerous but I can't see how. Can you explain the dangers?

There's nothing wrong with using Facebook, other than the potential impact on working time, but that's not a security matter! The issue is in how your staff configures Facebook, and what information they place on it.

A few tips to pass on to your staff:



RELATED CONTENT
Compliance standards and regulations
How to protect credit card data over the phone – and pass PCI DSS
Biometric authentication systems vs. token-based systems

Data Protection Solutions and Strategy
Enterprise data management: Prevent data loss and insider threats
NSA, cryptoexperts jab at RSA Conference 2010 Cryptographers' Panel
Make PCI DSS compliance easier by reducing scope, outsourcing data
Data Protection Act fines likely limited, audit powers may expand
Websense integrated security system aims to simplify security management
Full disk encryption: Safer and easier than file and folder encryption
No major PCI DSS revision expected in 2010
Data breach costs continue to rise in 2009, Ponemon study finds
Chinese hacker attacks target Google Gmail accounts, top tech firms
Annual security reports offer some hope

Platform and OS Security Management
Microsoft issues advisory on new IE security vulnerability
Microsoft patches SMB flaws, Hyper-V problem in big update
Microsoft blue screen affecting few corporate PCs
Microsoft to fix 26 flaws in Windows, Office
Thin-client technologies surge thanks to easier security, says Deloitte
Microsoft issues critical security update, blocks IE 6 attacks
How to use Windows XP Mode in Windows 7
Microsoft to patch single Windows 2000 vulnerability
How to prevent memory dump attacks
Microsoft gives Internet Explorer a major security overhaul

RELATED GLOSSARY TERMS
Terms from Whatis.com − the technology online dictionary
UK Identity Cards Act  (SearchSecurityUK.com)

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary


Ken Munro EXPERT RESPONSE FROM: Ken Munro

Pose a Question
Other Security UK Categories
Meet all Security UK Experts
Become an Expert for this site
ANSWERED April 2008:

  • Don't allow anyone that isn't part of your network of 'friends' to see your profile.

  • Don't allow non-friends to see your friends. Why? I could easily impersonate one of your friends, fake a new profile, and send you an invite. You accept, thinking a genuine friend has created a new profile, then I'm in your network of friends and can see your profile.

  • Think about what information is in your profile. What would be useful in stealing your identity? Date of birth, address, email address, employer, interests. why does this type of information need to be on your profile? Everyone that knows you is likely to know this information already! Those who don't know you don't need to know it.

  • The two main risks of Facebook are that an identity fraudster could steal your identity, or a hacker could compromise your business by compromising one of your staff. This might be achieved by coercion (dodgy photos of work nights out?) or by using the information they disclose to set up a compromise of their laptop or PC.

    One word of advice for the employer - if you do allow Facebook access at work, block Facebook email using mail filters. At least then you don't have the problem of staff using work email addresses for Facebook. This simple step will then prevent the hacker from making the link between the user and the company they work for.




    • Search and Browse the Expert Answer Center
    Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.
    Browse our Expert Advice



    Access Management: Authentication, Biometrics, Password Security
    About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
    SEARCH 
    TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

    TechTarget Corporate Web Site  |  Media Kits  |  Site Map




    All Rights Reserved, Copyright 2008 - 2010, TechTarget | Read our Privacy Policy     		  TechTarget - The IT Media ROI Experts