I know that in class we had discussed how social networking sites tend to put a lot of us as individuals at risk for being exploited by hackers. I think that most of us have received those suspicious Facebook messages with a like attached to it, with the message saying something like "Is that you in this picture?", or something to that effect. However, this article that I came across goes into the detail of how social networking sites also have an impact on small-to-medium size businesses (according to Cisco Systems Inc.'s annual report on network security). A large portion of the US population is registered to some form of a networking site, such as Facebook, Myspace, LinkedIn, etc.; this is especially applicable to our generation, as we grew up with these services, and I think that we will transition to the corporate world without disabling our Facebook accounts. Most of these social networks tend to be useful in allowing us to remain in contact with friends and acquaintances, and especially as people tend to grow apart, these applications do provide a convenient way to try to reconnect with those people.
However, the problematic situation involving social networking sites affecting businesses arises when people, particularly those getting ready to enter into the corporate world, tend to mix their professional and social aspects of their life together. For example, according to the article, some businesses do try to ban employees from accessing these sites while at the workplace (and therefore connected to the company's network); unfortunately, this seems like an impractical scenario, since it is becoming more and more common for colleagues to contact each other using the messaging tools on these networking sites. Additionally, as we discussed in class, some business also are realizing the value of using social networking sites to discover more information about prospective employees, which further blurs the lines between social and professional areas. Knowing this, attackers are finding more creative ways to try to exploit business vulnerabilities through social networking sites. Because most social networking users do not take necessary precautions to protect themselves while on these sites (such as not opening suspicious emails and links that are sent from 'friends'), this facilitates a hacker's task to access the company's network, whether this be with a virus, trojans, keylogging programs, or other malware contained in the message sent to the individual employee.
I think that one obvious solution that companies could try to implement would be to simply ban the use of social networking sites completely, but as stated before, it seems impractical given how commonly/frequently it is used by most people nowadays. Frankly, I think that the most that companies can do is enforce precaution, and to educate it's employees on the dangers that are available through social networking sites. Companies should also conduct routine security checks/scans on their individual machines, as well as the company's system, in order to check for any malware that may have installed itself after a particular message was opened. While these recommendations will prolly not completely prevent businesses from being exploited, they should certainly mitigate the chances of these events happening.
Source: http://news.thomasnet.com/IMT/archives/2009/12/cyber-crime-hits-businesses-through-social-networking-media-security-vulnerabilities.html
Friday, December 11, 2009
Subscribe to:
Post Comments (Atom)
Posts
It's interesting that you bring the point of the blur between social networking and your professional lives. Recently, the insurance company a family friend works for started a facebook fan page for the company. This is pretty common, but what happened hopefully is not. The employees of the site began to complain and criticize the upper-management on the discussion board. Not only that, but these comments were coming during business hours! A few low level employees were in hot water over the comments and practically ended any chance for promotions, but what not fired because of a fear first Amendment infringement.
ReplyDeleteI am seriously considering deleting my Facebook page after I finish at ND and starting a new one. I am also going to untag myself from all photos deemed inappropriate. I am constantly amazed that people publicly complain about their jobs, relationships, and personal feelings to hundreds of their closest "friends".
I think the suggested solution of banning the use of social networking sites (especially facebook, myspace, twitter, etc.) while in the workplace is actually fairly practical. Most medium to large sized companies nowadays have their own email networks, similar to the ND gmail network. This serves as the primary source of communication between colleagues while at work. These networks are not only used for frequent emial correspondence, but many are now equipped with instant messaging capabilities which creates increased throughput efficiency by cutting down on the time needed to travel around the workplace asking questions and meeting with managers or staff.
ReplyDelete