As security conscious IT and Business Management professionals, we need to be concerned and informed if our organisation is using a social networking site as part of their business model. Especially if it is disappearing into the Cloud, currently the main or prime target for all the shadowy internet 'terroristas'.
Also, we may have a little more time on our hands, now that those precious customers are thin on the ground. This is just the opportunity you need to review and strengthen your defences: check the perimeter and infrastructure by all means but you know the 'people' are the biggest risk to security.
We are all too aware that cyber-criminals can easily hijack accounts and e-mail customers on our behalf, and we take account of that through our extensive and elaborate, e-mail scanning and monitoring efforts. According to the FBI and other global law enforcement authorities, you are obliged to warn your colleagues, customers and users to make all efforts to protect themselves and the organisation whilst using an open internet connection.
The user is also responsible for the consequences of their own behaviour. It has always been thus but the rate of change of threats we are experiencing does create a lag in time between the separate actions of knowing, defending and informing. We see that lag as a risk and the criminals see it as an opportunity.
Make your people aware of threats and the emerging, changing nature of threats. Request that they think about 'secure' usage and help them do this by drawing their attention to, and take note of, the following good advice:
1.Adjust Web site privacy settings to help protect your identity.
2.Be selective when adding contacts.
3.Limit access to your profile.
4.Disable options that you rarely use.
5.Be careful what you click on.
6.Be familiar with security settings and know how to recognize if your account gets hijacked.
7.Understand the process of how to report a hijacked account to the site owner.
Although this is not a comprehensive list, neither is it a guarantee of full protection, it is important to educate our colleagues and users about the possible security risks and the issues they face. Remember, their issues, if unresolved, will quickly become our problems. If we accept and consider them the weakest link in our security chain, what are we doing about it?
1.Adjust Web site privacy settings to help protect your identity.
2.Be selective when adding contacts.
3.Limit access to your profile.
4.Disable options that you rarely use.
5.Be careful what you click on.
6.Be familiar with security settings and know how to recognize if your account gets hijacked.
7.Understand the process of how to report a hijacked account to the site owner.
Although this is not a comprehensive list, neither is it a guarantee of full protection, it is important to educate our colleagues and users about the possible security risks and the issues they face. Remember, their issues, if unresolved, will quickly become our problems. If we accept and consider them the weakest link in our security chain, what are we doing about it?
No comments:
Post a Comment