Cyber Security News

Censoring Social Media to Reduce Risk

With the advent of social media, personal and professional identities are beginning to blend together. I am linked, I tweet and am face booked. I have my own space; I can Skype and even FaceTime. By accessing all these sites, my professional and personal lives seem to be getting in the way of each other. In fact, my personal and professional identities are melding. My friends know what I am doing at work, and my work associates can view my personal life. LinkedIn associates can find me on Facebook, and my Facebook friend reach out to me in LinkedIn. My social friends now know what organizations I belong to professionally and vice versa. Pictures of social events can be seen by work associates, and my Tweets appear on my Facebook and LinkedIn pages.

As a security professional, the blending of personal and professional identities is a concern. It creates new risks for both the individual and corporation identities. The combined social networks expose our personal lives to our corporate regulators, and our personal contacts and associations expose corporate entities to virtual risks related to passwords, proprietary information and network attacks. 

The merger of an individual’s personal life and professional life exposes character information to the corporate entity more than ever before. Individuals do not always realize the impact of their social postings and how it can affect their job search or continued employment. Today, an employer can see who the applicant’s friends are, his/her personal interests, how much they party and with whom. HR can determine political persuasion from Tweets and get a very clear employment history from LinkedIn.

Access control is another concern when entwined within the social network scene. The merger of social and professional associations increases the potential for hackers to infiltrate corporate networks. All of us struggle with creating and remembering passwords for all of the sites, plus work systems. Often people use the same password for their social and professional logons. Hackers now target social networks to obtain passwords for bank accounts and other systems. And it is not uncommon for a hacker to sell stolen passwords for fraudulent purposes.

Additionally, there are persons out there who are interested in gaining access into corporations to hear about new products and obtain information on client lists. In today’s competitive marketplace, it is safe to assume that there is always someone looking to obtain information to give them a competitive edge. Hackers scan social networking sites to see the activity of employees that work in a targeted company. This new form of industrial espionage has allowed wrongdoers to easily collect information that in the past required theft or other crimes. Hackers are successful because social networkers, in an effort to impress or provide daily content, find themselves accidentally disclosing information about a product or customer. 

Lastly, corporate IT departments have struggled with allowing employees to access social media sites during work hours and on corporate devices because of the chance of an employee downloading a virus or malware. Many people had clicked on an ad or notification that transmits a virus throughout the network or device. Some of these corporate attacks have intentionally targeted employees who work in specific corporations.

So how can we prevent identity compromise and unauthorized access into corporate networks? We all can help protect our personal and corporate identities by first looking at the passwords we use. In order to protect both our corporate and personal devices, network passwords should be different. For example, I have a separate single password for all of my social networks, one for my personal banking, etc. and one for my corporate systems.

For my Facebook and LinkedIn accounts I have reviewed and understand all of the security settings. Only my friends and personal contacts can see my entire profile. I never reference what I am doing at work, and I make sure that when I travel for work I do not “Check In” at any restaurant or place, except on social occasions. When I post, I do so to reference a particular article, or comment on an existing post.

I never, ever open a site or download from any social network, even if it is from a friend. If I am interested in it, I go to the website and check it out first, or I ask my friend about any problems with it. These few simple tricks can mean the difference between getting hacked, getting hired, promoting a virus and letting your competition know the next best thing your company is promoting.   

Did you enjoy this article? Click here to subscribe to Security Magazine. 

Recent Articles by Bernard Scaglione

You must login or register in order to post a comment.



Image Galleries

ASIS 2013 Product Preview

ASIS International 59th Annual Seminar and Exhibits, September 24-27 in Chicago, Illinois, will include an exhibit hall packed with innovative security solutions. Here are some of the products that will be shown at ASIS this year.


Virtualization and Data Center Security: What You Need to Know for 2014

Data centers are increasingly becoming the center of the enterprise, and data center and cyber security is following the same path for security departments. According to Justin Flynn, a consultant at the Burwood Group, the virtualization of data centers allows enterprises to scale more easily and faster, with a smaller footprint.

However, hosting enterprise data in the cloud can make intrusion detection more difficult – how can enterprise security leaders team up with other departments to keep aware of cyber risks and traffic, and physical and data compliance during the virtual transition? How can CISOs and CSOs discuss cyber threats with the C-Suite to get the resources they need? And how can the proper infrastructure test and verify possible malicious attacks? 

More Podcasts

Security Magazine

Security magazine March 2015 issue cover

2015 March

In this March 2015 issue of Security check out our product preview of ISC West 2015. Also, learn how to make the best use of your security technology by working with your security integrator, get info on penetration testing, and discover how white glove security can enhance bottom line real estate value.

Table Of Contents Subscribe

Tougher Cybersecurity Legislation

On January 20, President Barack Obama called for tougher cybersecurity legislation in his 2015 State of the Union address. Which of the following points do you feel is most needed today?
View Results Poll Archive


Effective Security Management, 5th Edition.jpg
Effective Security Management, 5th Edition

 Effective Security Management, 5e, teaches practicing security professionals how to build their careers by mastering the fundamentals of good management. Charles Sennewald brings a time-tested blend of common sense, wisdom, and humor to this bestselling introduction to workplace dynamics. 

More Products

Clear Seas Research

Clear Seas ResearchWith access to over one million professionals and more than 60 industry-specific publications,Clear Seas Research offers relevant insights from those who know your industry best. Let us customize a market research solution that exceeds your marketing goals.


Facebook 40px 2-12-13 Twitter logo 40px 2-12-13  YouTube  LinkedIn logo 40px 2-12-13Google+

Vertical Sector Focus: Critical Infrastructures

criticalhomepagethumbFrom terrorism to vandalism, it’s preparedness, response, training and partnerships. Learn about some of the critical security issues facing this sector.

Visit the Critical Infrastructure page to read more.