How To
How to Use Social Networking Safely: Tips From Security Pros
The business advantages of sites such as LinkedIn and Facebook are starting to outweigh the security and privacy risks, say Bill Boni and Howard Schmidt--but only if you follow a few rules
By Katherine Walsh
January 29, 2008
—
CSO
—
Howard Schmidt was reluctant to hop on the social networking bandwagon--a byproduct, he says, of the paranoia he internalizes a security professional. Eventually, though, Schmidt--the one-time cybersecurity adviser to President Bush and itinerant CISO turned consultant--decided the positives outweighed the negatives. He joined not just one social network but three: Facebook, LinkedIn and MySpace.
"My response to those in the security business lamenting the existence of Facebook and MySpace is to ask them if they’ve ever been on it," says Schmidt.
Bill Boni, too, took the social networking leap--with gusto. The long-time corporate vice president of information security and protection at Motorola, he has now racked up more than 500 connections on LinkedIn. For him, social networking is all about amplifying his effectiveness as a security executive. He says the site allows him to keep in touch with people and gives him an opportunity to tap into “additional sources of expertise.”
Despite the well-publicized security and privacy risks of social networking, both Boni and Schmidt say it’s possible to reap the benefits of social networking and stay safe at the same time. You just have to stay vigilant and be smart. Here’s their advice.
1. Do Your Homework.
Boni hesitated to join LinkedIn until he had adequate time and opportunity to research the site. Despite being recruited to join by numerous colleagues whom he trusted, he wanted to pass his own judgment first.
Before you join, talk to people you know and trust about their experiences with social networking. Different people have different comfort levels, which may dictate which site (or sites) you decide to join. For instance, LinkedIn contains mostly fields for resume-type information, while Facebook also asks about your politics, religion, and favorite books and movies (not that you have to answer). After reviewing each site, ask yourself which site you would benefit from most, what type of features you want and what type of information you are comfortable sharing. Schmidt notes that careful research also may help quell your anxieties and misconceptions about social networking.
2. Secure Your Settings.
The benefit of social networking is directly related to the openness of it, Schmidt says, so privacy and security can be tricky. But each site has various options, and you can decide how much or little you want or lock down your information. Profiles on any of the sites can be set as public or private--with a private profile being accessible only to those you are
$firstKeyword
Security Directions: A Virtual Conference
Available On Demand Sept. 30 - Dec. 30
Join us for a virtual event with candid, expert information on top security challenges and issues - all from the comfort of your desktop.
Protecting PII: How to Work with IT to Manage Risk
Understand the critical nature of the test data privacy problem and get tips on how to work with IT to implement a test data privacy program.
- FISMA Prescriptive Guide
- The Tripwire HIPAA Solution: Meeting the Security Standards Set Forth in Section 164
- Beyond PCI Checklists: Securing Cardholder Data with Tripwire's Enhanced File Integrity Monitoring
- IDC White Paper: CCM for IT Compliance and Risk Management
- 5 Ways to Reduce IT Audit Tax
- WagerWorks Takes Fraudsters Out of the Game Using iovation
Get instant notifications when whitepapers, webcasts and case studies are added
to our library. Sign up for a Resource Alert now!
CSO Corporate Partners
Digital ID World
-
September 14 - 16, 2009Rio Hotel and CasinoRegister Now »
Las Vegas, Nevada
(ISC)2 members can earn up to 24 CPE Credits!
Reference priority code ONLINE and attend the full conference for the reduced rate of $995!
