There's a stack of good resources on social security so I won't reinvent the wheel. That said I will provide some good resources. This stuff, I might add is good for any security professional. Whether you get random requests from friends and relatives, from the perspectives of a concerned parent or even just some of the dangers social networks pose to enterprise environments, I recommend you take a read.
- http://www.us-cert.gov/cas/tips/ST06-003.html
- http://www.csoonline.com/article/496314/Seven_Deadly_Sins_of_Social_Networking_Security?page=1
- http://www.crn.com/security/208401887
- http://www.netalert.gov.au/
Here is a summary of the attack types we are seeing:
- People using social networks to connect to potentially violent rapists or pedophiles.
- Attackers exploiting a victim's known location (see again here).
- Cyber bullying.
- Stalking.
- Targeted phishing attacks.
Parents need to consider everything from where is the computer placed in the home, what are the ground rules on Internet usage, educating their kids on how to build/manage their identity online and extent the rules of stranger danger to the Internet.
For individuals, consider just who do you really want in your social network, what sort of information should they have access to, just how much do you want to blur the lines between professional contacts and personal contacts. Also, make full use of the privacy settings so that the principle of least privilege still applies (e.g. On Facebook you can create multiple groups and assign varying levels of privacy rights to them). Also you really be wary about who you let into your life and just how much information you share.
I know this all sounds like common sense stuff but if it really were all common sense, we'd be out of a job.
- J.
PS: If friends or family ask for how to securely setup Facebook I suggest this link which has some good advice and guidance.
No comments:
Post a Comment