Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

BLOG: Social networking without the risk

Jonathan Andresen | July 21, 2011
Embracing social media only requires the right security.

Social networking is fundamentally shifting the way we interact, communicate, organise, form opinions, and even shop; it's blurring boundaries, increasing transparency and creating fluidity in everything we do. Linking a twelfth of society and growing rapidly, companies, large and small, can no longer ignore or try to block social networking in their environment. It's a part of the fabric in which we now learn, play and work.

The reality is you need to go where your target audiences are - and people are more likely to participate in a social media forum than any other venue. Customers, partners, and employees, alike expect to engage with you via social media - it's a way for you to stay connected, gather feedback, recruit, and collaborate. As a result, you need to support social media in your environment to enable the innovation, increased productivity, and accelerated growth that will drive your business.

Social Networking Risks

All the things that make social media so attractive to users - the personalisation, the ease with which information can be shared, and the real-time nature of the medium - pose significant risks to your business. The following are the top four risks you face when you use social networking:

1. Malware: In 2010, social media became the preferred communications vehicle for users, who are spending more than 700 billion minutes per month on Facebook alone, making social networking sites and their users ideal malware targets. According to Sophos, 40 percent of users were infected by malware from social networking sites. Typical attacks draw on the trust relationship established between users and their connections. They try to trick users into giving up information and access that can be exploited for financial gain. Some examples of malware particularly successful in social media are:

Phishing: With increasingly sophisticated techniques, attackers pose as one of your legitimate social networking connections and try to lure you into providing sensitive information, such as your login credentials. They prey on the tendency of most people to use the same passwords for all their accounts, hoping that by tricking you into giving one username and password, they can get access to more profitable banking, financial and other online accounts.

Most users have their radar ON concerning financial accounts, but their daily login to a social networking site is just a speed bump, creating an opening for cyber criminals to steal online assets. This is why more and more phishing attacks are targeting seemingly "non-relevant" online user accounts.

Click-jacking: Attackers lure you into clicking on a link, perhaps posting it on your wall and then spamming your friends to "check it out" or "view my photos". When someone clicks on the link, they unwittingly install malware (code or script) that can be used to steal information or take control over their computer. Click-jacking uses the dynamic nature of social networking and a willingness to click on links from those you know, and even those you don't, to quickly reach a large audience, cajole you into revealing private information (e.g. through surveys), collect hits for ad revenue, and eventually allow access to your entire social network.

 

1  2  3  Next Page 

Sign up for CIO Asia eNewsletters.