Facebook, Inc.
Image via Wikipedia

One of the greatest challenges to privacy and security in the next several years is Social Networks and Social Media. Sites like Facebook, Twitter, LinkedIn, MySpace and others can be the downfall of valuing information. The ability to share and provide information is completely the opposite of network security requirements.  This is really encouraging people to do things that are not security conscious activities. Social media encourages:

  • Lack of privacy
  • Encouraging information sharing
  • Giving away answers to security questions
  • Social engineering

As we have seen recently, a lot of spam, spyware and malware is attacking social network. Just in the past week I have probably recieved a 100 requests to be my friend on Facebook from people who I do not know and funny enough, all the message have the exact same personal message. Malicious people are attracted to social networks because of the ease of gaining trust and availability of data for social engineering.  Relationship building is easier through social media which can easily lead to phishing attacks.

With these sites, people install applications without knowing what goes on in the background, and its easy to download malicious code to your computer. There are no external third party audits of these applications before the make it to your Facebook application. Your computer can be easily infected by a virus or spyware.

What does the Social Media user to protect their information?
No Personal information – This is anti-social network, but there are things you can limit about what you post. Don’t post your Birthday! Or your address or your mothers middle name or any really personal data.

Limit who can view and contact you – Don’t let your profile be truly public, restrict to people you know for requested users.  Remember you can’t retract information you put out there. 

Don’t trust strangers – Your mother was right, don’t open the door to strangers. Limit who you accept chat or friend requests from and well as even communicate with.

Trust no Profile – People lie, it’s sad but true. So profiles lie, they might say they went to your college or high school.  They might be interested in your groups, so don’t take anyone at their word.

Restrict your privacy – There are some configuration setting in all the social media applications that can allow you to turn on some restrictions on your privacy. Take a minute to actually look at them. One easy example is in Facebook you can create groups that you can place friend in; you don’t want business people seeing what your friends are posting.

Password management – An oldie but a goodie, always use a strong password and don’t share it. And change it periodically.

Layers of protection – You should be running a personal firewall and antivirus software on the machine you are viewing social networks. This will help if a malicious piece of software tries to download something to your machine. Keep your protection software up to date as well and run the patch management software on your machine, this is especially important for you Windows users.

Child protection software – You should have some kind of child protection software running on machines where children under 13 are using. This will help with all that shady software that is out there.

Gary Bahadur

http://www.kraasecurity.com

http://blog.kraasecurity.com

http://twitter.com/kraasecurity

Address: 200 Se 1st St #601 Miami FL 33131

*Managed Security Services

*Vulnerability Management

*Compliance & Policy Development

*PGP Security

*FREE Website Security Test 

Reblog this post [with Zemanta]