How to limit Twitter risks
Twitter is now used by over 350 million people worldwide. However, Twitter is also gaining a reputation as security risk for individuals and organizations. Every business or organization which uses Twitter (or any other social media or networking site) should have a strong policy in place (and enforced) that clearly states how it should be used by employees.
They need to be aware of the consequences of sending out seemingly innocent tweets which could still get them into deep trouble. In December 2009, a Vodafone employee was fired after his post was deemed by the company to go against fair competition. Drastic? Maybe, but it showed that even a humorous post could backfire.
Some basic rules to limit the risks posed by Twitter and other social networking sites include:
1. Think twice before posting. Employees need to think compliance, integrity, security… then post.
2. Access URLs in tweets with care. If there is no real need to check out the site, leave it.
3. Show employees what to look out for. How to notice when someone is stalking or attempting to social engineer information.
4. Avoid confrontation on Twitter. It is a great tool for customer feedback but a disaster in resolving issues.
5. Create a policy in a language that is understood by employees. Have them sign it. There should be no excuses that they did not know what they could or could not say.
|
William J McBorrough is a Security Expert with many years of success Managing, Designing, and Implementing medium and large enterprise Physical and Information Technology Security Solutions. His experience spans the spectrum from small e-commerce start-ups to multi-campus state and federal agencies to global financial sector organizations. He is on the faculty of various universities including University of Maryland University College, EC-Council University, George Mason University and Northern Virginia Community College where he conducts research and teach graduate and undergraduate courses relating to cybersecurity, cybercrime, cyberterrorism, and information security and assurance. He holds a Bachelors of Science in Computing Engineering with a concentration in digital networks and a Masters of Science in Information Security and Assurance. He is a Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified in Risk Information System Control (CRISC), and Certified Ethical Hacker (CEH).He is well versed in personnel, systems and network security risk management. His core competencies include Developing cost effective solutions to enable mission assurance in the following areas: Enterprise Risk Management, IT Governance, Security Organization Development, Information Security and Assurance
|
Related posts:
- Staff Leak Military Secrets on Facebook and Twitter
Are your employees ( or you ) leaking sensitive data over the social networks? This report from the UK should give you pause. The Ministry of Defence has admitted that... - Twitter makes security enhancements to help users
Twitter has added a new service that detects malicious URLs in an effort to quell the rise in spam and phishing on the microblogging social network. I previously did a... - What is the values proposition for allowing users access to social networks?
What is the values proposition for allowing employees access to web 2.0 resources such as social networks? Every other day, we hear about the risks. Compromised Twitter accounts, phishing via... - Facebook and Twitter
I have never found much use for social networking sites like Twitter and Facebook however that has changed. Since starting this blog, I have discovered plug-ins for WordPress that integrates...