Johannesburg, 01 Mar 2012
Social media use should be banned in the enterprise unless it is really necessary for business.
So said Ira Winkler, director of the international board of directors at the Information Systems Security Association (ISSA), during the RSA 2012 Conference, in San Francisco.
In a candid presentation titled “Friending your life away: How new social networks cause long-term damage to individuals and organisations”, Winkler said companies are afraid that if they don't allow social networking, they will lose younger employees.
“Do you really need an employee who cares more about social networking than their job? How much does social networking really help? he probed.
He pointed out that current technology on social networks “just allows stupidity to travel faster and also allows abuse to be faster”.
Allowing employees to use social networks can open doors to attacks, as employees can sometimes be negligent, much to the detriment of the organisation, he said.
“The harm might be to the individual making a mistake. One indiscretion can be a matter of life or death and can affect millions,” he noted.
Winkler pointed out that the use of social networks dates back about 20 years ago with platforms like Usenet, which allowed individuals to have online relationships.
However, he said people started posting corporate information, which created a potential for computer and IP compromise. He added that these platforms started making the work of criminals much easier.
According to Winkler, current social networking trends can be traced back to MySpace, which enabled users to post pictures; discuss their plans in advance; and release loads of information, which took embarrassment to new levels.
“YouTube then became the second most popular search engine behind Google, and as the videos posted there went viral, they also destroyed some lives in the process,” he said.
Twitter then took things to another level, Winkler continued. “With Twitter, people started to announce every aspect of their lives and write things at will with no consideration [given] to context or repercussions.”
Winkler then pointed out that Facebook became the “killer app”; an embodiment of all that was right and wrong with other social media.
“Farmville and Zynga as a whole tell us about how people waste their time. Lost productivity, from a business perspective, is immense. What people say is scary. It places themselves and, more importantly, others at risk.”
Social networks also provide a fertile ground for crime, he continued. “There are a lot of documented cases on this. For example, an Arizona family recently posted on Facebook about their trip to the Caribbean Islands, only for their home to be robbed afterwards.”
Regarding privacy, Winkler described Google as “evil”. “YouTube has your age and proclivities; Google knows what you are thinking; Calendar knows where you will be and who you will be with; Latitude knows where you are; Checkout knows what you are buying; Gmail knows your friends; and Google Apps knows you business.
“By consolidating all these little pieces of information, Google might actually know you better than [you know] yourself. There are a lot of services that can put together a profile based on social networking sites. Google can almost be an aggregator,” he said.
Meanwhile, Winkler said there is limited use of professional social network, LinkedIn. Nevertheless, he said, specific information on the platform can be used for social engineering purposes. “For example, one can easily tell if someone is looking for a job just by looking at the referrals and connections.”
Winkler suggested that organisations should stress and enforce bans against discussing work-related issues outside work.
Share