Nortel Webinar Sept 20
Stay Current


The Security Risks of Social Networks

What your employees do online on their own time can still create all kinds of trouble for your business. Here’s how smart companies are coping.

John Edwards on July 9, 2007

Internet social networks are great places to meet and network with people sharing similar business interests. But MySpace, Second Life and similar Web 2.0 sites can also pose serious security threats to users and their companies.

Related Stories:

Many businesses view social networking sites as a kind of online cocktail party -- a friendly, comfortable place where one can establish contacts, find buyers or sellers, and raise a personal or corporate profile. But the cocktail party metaphor isn't entirely accurate. In fact, users would be better served if they thought of social network services in the context of a loud glass house; a place with endless visibility and each occupant talking through a highly amplified bullhorn.

Since most people access social network sites from the comfort and privacy of their home or office, they can be lulled into a false sense of anonymity. Additionally, the lack of physical contact on social network site can lower users' natural defenses, leading individuals into disclosing information they would never think of revealing to a person they just met on a street -- or at a cocktail party.

Staying safe on a social networking service means recognizing these factors, and working knowledgeably within a set of simple guidelines.

Protecting Yourself and Your Business
  • Be Discreet - Never type anything into a profile page, bulletin board, instant message or other type of online electronic form that would expose you to unwanted visitors or the possibility of identity theft or malicious threats. This includes personal and business names and addresses, phone numbers, job titles, birth dates, schedule details, daily routines and business or family information. It's far better to communicate in generalities than to reveal information that unscrupulous individuals may someday use against you.
  • Be Skeptical - Social network sites are full of useful business information, as well as to substantial amounts of useless disinformation. Treat anything you see online -- stock tips, advance news, personnel gossip and so on -- with a high degree of skepticism. Some people will lie in order to boost their own agenda, while others will spout unsubstantiated rubbish out of stupidity or sheer ignorance.
  • Be Thoughtful - Nobody likes a loudmouth, but the Internet has a curious way of releasing personal inhibitions. Never type anything online that can come back to bite you. This includes outrageous claims, slander, obscenity and insults. Be cool and professional, and always think twice before typing.
  • Be Professional - If you're posting a picture or video to a social network site, make sure it presents you in the best possible light. Dress professionally and, above all, don't disrobe or wear a funny hat.
  • Be Wary - People on the Internet are not always who they seem to be. The CEO you're chatting with in Denver may actually be a 14-year-old kid in Milwaukee -- or a prisoner in Romania. Until you can independently verify someone's identity -- using the same business tools that you would turn to to screen a new hire or confirm a prospective business partner -- never, ever reveal personal, business or financial information.
  • Check Privacy Policies - All major social network services have specific privacy guidelines that are published on their Web sites. Take the time to read and understand these documents, since they include the types of information that they will reveal -- or sell -- to other parties (including spammers). If you don't like the terms, don't use the service.

Social network sites are potentially useful business tools, but only if you approach them with an adequate amount of caution and common sense.

Related Stories:

The iPhone Security Threat

Firewalls, the Future and Web 2.0

NAC Facts: Hype vs. Reality

NAC Comparison Guide


All fields are required. Your E-mail will not be published.

Nortel Webinar Sept 20