Security and the Social Network

Social Networking is one of the hottest trends in IT and while it has the potential to improve communication between a company and its customers, the security risks of co-opting social networking are non-trivial. By Manjari Juneja

As companies leverage sites such as Facebook, MySpace and Twitter in order to connect with their customers and disseminate information about their products and services, they open themselves up to spam attack or data leakage. When social networking sites such as MySpace and Facebook first emerged, some businesses viewed them as a distraction from work and banned them.

With the appearance and growing proliferation of other social formats, such as Twitter, companies have begun to embrace this potential for collaboration. Social networking has evolved from personal networking to become a medium for mass communication. Many companies now view sites such as Twitter, Facebook etc. as valuable marketing channels.

Michael Buck, Director, Global SMB Online Business, Dell, said, “SMB customers and businesses are taking advantage of social computing forums such as wikis, blogs, RSS, file sharing and user-generated content. There are great opportunities for customers to collaborate and learn.”

Vipin Tuteja, Executive Director, Marketing and Business support, Xerox India Limited, added, “A recent survey conducted by a leading research organization (Juxtconsult.in) confirms that over 32 million people in India access the Internet daily and over 81% of all Internet users undertake some or the other ‘social interactivity’ activity online. With over 50,000 active bloggers, 11 million Facebook users, 16 million Orkut users and India being ranked ninth in the Twitter list; the social media wave has enthralled every domestic household. Even as we are having these discussions on social media trends, online conversations are happening about Xerox. Therefore social media has evolved as an integral part of our communication strategy globally and in India. As a relatively new, but an important interactive medium of communication, social media is here to stay.”

However, since social networking sites are so user friendly, it makes them all the more dangerous. With e-mail, attackers only had a limited number of ways to harm a computer but social networking sites provide them with a much broader range of options.

That being said, blocking social networking sites is no longer feasible—they are an integral part of marketing and recruitment programs in many companies today. No single detection mechanism can provide complete security: neither signature-based nor behavior-based products are foolproof. However, by implementing a combination of detection mechanisms, the chances of malware slipping by can be drastically reduced.

Ram Krishna G, Technical Head, SANVEI Overseas, added, “Social networking is considered ad-hoc and non-serious communication by people. They do share important information including classified information about a company with their friends. While some of the information can also be shared over the phone (without social networking), the danger of social networking is paramount as the information available to people’s disposal with a computer is enormous.”