The Agency Insider with Linda McGlasson

Social Networking's 17 Golden Rules

Social Networking's 17 Golden Rules

It's something that caught my eye in my inbox last week -- an announcement from the European Network and Information Security Agency (ENISA) on social networking. Seems this group is facing some of the same problems as us re: getting our security and privacy arms around the flood of social networking sites available to our customers and employees.

ENISA's report shows the dangers of using social networking sites, especially when a user frequents them via mobile phones.

The agency outlines a number of risks and threats associated with using social networking sites and has come up with a list of 17 golden rules to follow when visiting them or posting anything. Among the tips:

Always log out once a session is over;
Never using auto-complete tools to fill in passwords and other forms;
Choose carefully whom you friend on social networks;
Don't publish really private information and so on.

ENISA's report also shows that the increased use of social networking sites means malware writers are having a field day, and criminals look to these sites for their first level of reconnaissance in picking a rich target.

Businesses, too, should pay attention to this report, as ENISA says the biggest risk for companies is information leakage. The report also cites one case of a university professor who suffered when someone created an offensive profile of him on Facebook, affecting his reputation.

As more people use social networking sites to connect to their families, friends and colleagues, how and what people are posting to these sites becomes a real privacy and security issue for everyone involved -- even those companies that don't yet have a presence on these sites.

About the Author

Linda McGlasson

Linda McGlasson

Managing Editor

Linda McGlasson is a seasoned writer and editor with 20 years of experience in writing for corporations, business publications and newspapers. She has worked in the Financial Services industry for more than 12 years. Most recently Linda headed information security awareness and training and the Computer Incident Response Team for Securities Industry Automation Corporation (SIAC), a subsidiary of the NYSE Group (NYX). As part of her role she developed infosec policy, developed new awareness testing and led the company's incident response team. In the last two years she's been involved with the Financial Services Information Sharing Analysis Center (FS-ISAC), editing its quarterly member newsletter and identifying speakers for member meetings.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.