Social Media Security
The importance of social networks and how big are they.
The internet has changed dramatically since it’s inception. It was originally envisioned as an interconnected network for intellectuals to freely share information. Some of these early, text based sharing services continue today as IRC, FTP and email. Other early services like Gopher, are no longer used. But the early web was changed forever with the invention of the first web browser in 1992, which allowed the presentation of plain text and pictures together on a page. This was the beginning of the use of rich media on the web.
As the web evolved during the 1990s the types of media that could be embedded in a web page quickly increased to include music & audio clips and then video. The rapid expansion, growth and use of the web led many to invest, perhaps unwisely, in an unsustainable manner. This led to the Dotcom bubble of 2000.
After the Dotcom bubble the next big thing to come along was social sharing among small groups of friends. Sites like Friends Reunited and Friendster became popular. Then in 2004 Facebook was launched as a replacement for the school yearbook. It was initially open to students in universities, colleges and other schools, but the company quickly pivoted and opened up membership to anyone. The era of social networking services began.
Less than a decade later there are now over 200 active social networking sites; as at September 2013.
Predating social networking sites are virtual communities. The term “Virtual Community” was coined in 1993; at the time of writing there were 16 virtual communities with over active 100 million users. Some of these are social networking sites, which make up the most active subset of virtual communities.
The main differentiating factor between virtual communities and social networking sites is the use of social media which is the sharing of information and ideas using social networks. Social networking sites take advantage of social media and allow that data to be shared between individuals, groups or the general public (i.e. anyone on the internet).
You may never have heard of some of the biggest social networking websites, these they are some of the biggest sites in China and include Qzone, Sina Weibo and Renren. I will not talk about these sites in this book.
Another thing that many other authors have touched on is the apparent transient nature of many social networks. I have already mentioned sites like Friends Reunited and Friendster which were once very popular. But there are many others like Bebo and MySpace; all their popularity has now waned to such a degree that they are no longer considered among the leading social networks in the world. This fact should act as a warning to the top social networks, who are aware of their own transience and are continually making iterative (and sometimes significant) changes to their systems in an effort to remain relevant.
The rise in popularity of social networking sites is evident in their growth. Facebook took less than 10 years to attract more than one billion users, Twitter took seven years to attract three hundred million users and Google+ took just over two years to attract five hundred million users. Social media is big business.
Because of their size, social networks have a vast reach into the general population; something that has never existed before. This is causing a new paradigm of interaction, something for which the rulebook has not been written, as is still in a highly fluid state. Things that were seen as being the norm just 18 months ago, are now considered to be faux pas and what was previously frowned upon is now accepted behaviour.
Social networks are also moving more and more into mobile services, on mobile platforms as internet use has increasingly migrated towards mobile phones, tablets and other handheld computing devices. In July 2013 Facebook announced that over 750 million of it’s users were accessing the network via mobile.
Response rates for social media is up to 35 times higher than for traditional print advertising.
16% of media shared via social media is shared on Pinterest.
Opportunities
Social networks present many opportunities, these range from the obvious; networking with friends and colleagues, to marketing and sales opportunities, both for individuals as well as for companies.
The extraordinary reach of social networking sites is something that companies need to pay attention to because of the positive and negative effects they can have on the business.
Sometimes you have happy customers and sometimes you don’t. by having a good monitoring and response mechanism in place you will be able to effectively gauge the buzz around your company and engage with your customers in the most appropriate way. But there are many books about this topic. This book is about securing your social media presence, whether you are a company or an individual.
Some forward thinking companies have recognised the opportunities afforded by social networking sites and have put steps in place to actively manage their use. For example, in the UK, BT has implemented custom tools that it’s customer services team use as an additional way to interact with its customers and the public at large. BT’s software continually scans the social media sites for references to the company, allowing the team to quickly respond to complaints and queries. This enables a greater level of customer retention.
A good social media strategy will also enable a company to measure the sentiment (or buzz) about a company or product, enabling better more focussed marketing opportunities. Good social networking policies for internal users also form part of an overall strategy to reduce the risk of insider threats posed by social networking sites (see Section on Risks below). These policies should be designed to prevent commercially sensitive information from leaking, while ensuring legal and regulatory compliance. Policies should be clear, concise and easily distilled into a few bullet points that can be published in a leaflet or poster, as part of an ongoing awareness campaign.
Companies that recognise the value of social media have demonstrated that success is achieved through empowering staff to undertake social media on behalf of the company in line with policy, and backed by an ongoing awareness programme.
Any company that still thinks that social networking sites are a fad and continue to actively block internal users from accessing these sites is behind the curve and it may already be too late for them to get on the bandwagon. Such attempts to block social networking sites only impede the development of enterprise social media initiatives and drives its use onto unsactioned personal machines and accounts.
The social network Pinterest, which relies heavily on visual images, recently started providing pricing information on products. This has led to a significant increase in referral sales for some retailers. J Crew decided in August 2013 to release their catalogue on Pinterest - (http://mashable.com/2013/08/19/jcrew-fall-catalog-pinterest/)
Risks
Social networking sites pose many risks, both to individuals and to companies.
Risks for individuals:
stalking
oversharing
grooming (children)
Risks for companies:
inappropriate disclosure of confidential information (pre-release)
ignoring social media. e.g. The Ethiopian Airways plane fire at Heathrow only elicits 2 tweets from Boeing and social media is ignored by the airline (http://www.thedrum.com/news/2013/07/13/boeing-sends-just-two-tweets-and-ethiopia-airlines-ignores-social-media-entirely).
automating responses to social media posts. e.g. recent interaction by BofA twitter bot (http://gizmodo.com/bank-of-americas-twitter-account-is-one-really-really-713634226). Britain’s Prime Minister tweeting at a parody account in error (http://grahamcluley.com/2013/07/david-cameron-fake-tweet/).
Overall risks:
potential for massive digital misinformation. The rapid spread of information (via social media) in a today’s connected world has potentially serious consequences. E.g. when hackers co-opted the AP twitter account and posted that President Obama was injured in an explosion at the White House, the stock market fell by 143 points. (http://www.guardian.co.uk/business/2013/apr/23/ap-tweet-hack-wall-street-freefall
The recent changes to libel laws in the UK (Jan 2014) means that it can be easier to take legal action against defamatory posts. An online comment, such as a tweet, is potentially libellous in England and Wales if it damages someone's reputation "in the estimation of right-thinking members of society". It can do this by exposing them to "hatred, ridicule or contempt".
Why Security? Why Now?
As I have demonstrated. Social network sites are important tools for the modern age, and they will continue to evolve.
Who is the customer and what is the product? Personal users of social media believe that they are the customers of social networking sites, like Facebook. Everyone must recognise that if they are getting something for free then the product is in fact their user data and the customers are those companies who are willing to pay for access to that data. Facebook, after all, is a company and they need to continue to make money in order to survive and continue providing social networking services to the public.
Social network access and use is important for everyone, both individuals and companies.
The safe use of these important tools has meant that a clearly documented set of steps needs to be created in order to facilitate their safe use. That is the purpose of this book.
TWITTER
Twitter is a quick to use microblogging platform. It has traditionally been a text based platform but has recently expanded into the sharing of photos and video.
The short and quick nature of being able to push out a thought or link has both positives and negatives (see above)
Report twitter violations using one of the forms (https://support.twitter.com/forms)
Use the Impersonation form if someone is pretending to be you.
(https://support.twitter.com/forms/impersonation).
Use 2-factor authentication, finally implemented right. (https://blog.twitter.com/2013/improvements-to-login-
verification-photos-and-more)
FACEBOOK
GOOGLE+
LINKEDIN
GENERAL
In a corporate environment consider using a third party password manager like lastpass to manage the passwords for multiple machines and multiple users. The lastpass master password being protected with google authenticator.
Legal implications of posting on social networks. New libel laws that have come into effect in the UK in Jan 2014.
Some general best practices:
1. Think before you post
2. Be aware of the libel laws (see above).
The internet has changed dramatically since it’s inception. It was originally envisioned as an interconnected network for intellectuals to freely share information. Some of these early, text based sharing services continue today as IRC, FTP and email. Other early services like Gopher, are no longer used. But the early web was changed forever with the invention of the first web browser in 1992, which allowed the presentation of plain text and pictures together on a page. This was the beginning of the use of rich media on the web.
As the web evolved during the 1990s the types of media that could be embedded in a web page quickly increased to include music & audio clips and then video. The rapid expansion, growth and use of the web led many to invest, perhaps unwisely, in an unsustainable manner. This led to the Dotcom bubble of 2000.
After the Dotcom bubble the next big thing to come along was social sharing among small groups of friends. Sites like Friends Reunited and Friendster became popular. Then in 2004 Facebook was launched as a replacement for the school yearbook. It was initially open to students in universities, colleges and other schools, but the company quickly pivoted and opened up membership to anyone. The era of social networking services began.
Less than a decade later there are now over 200 active social networking sites; as at September 2013.
Predating social networking sites are virtual communities. The term “Virtual Community” was coined in 1993; at the time of writing there were 16 virtual communities with over active 100 million users. Some of these are social networking sites, which make up the most active subset of virtual communities.
The main differentiating factor between virtual communities and social networking sites is the use of social media which is the sharing of information and ideas using social networks. Social networking sites take advantage of social media and allow that data to be shared between individuals, groups or the general public (i.e. anyone on the internet).
You may never have heard of some of the biggest social networking websites, these they are some of the biggest sites in China and include Qzone, Sina Weibo and Renren. I will not talk about these sites in this book.
Another thing that many other authors have touched on is the apparent transient nature of many social networks. I have already mentioned sites like Friends Reunited and Friendster which were once very popular. But there are many others like Bebo and MySpace; all their popularity has now waned to such a degree that they are no longer considered among the leading social networks in the world. This fact should act as a warning to the top social networks, who are aware of their own transience and are continually making iterative (and sometimes significant) changes to their systems in an effort to remain relevant.
The rise in popularity of social networking sites is evident in their growth. Facebook took less than 10 years to attract more than one billion users, Twitter took seven years to attract three hundred million users and Google+ took just over two years to attract five hundred million users. Social media is big business.
Because of their size, social networks have a vast reach into the general population; something that has never existed before. This is causing a new paradigm of interaction, something for which the rulebook has not been written, as is still in a highly fluid state. Things that were seen as being the norm just 18 months ago, are now considered to be faux pas and what was previously frowned upon is now accepted behaviour.
Social networks are also moving more and more into mobile services, on mobile platforms as internet use has increasingly migrated towards mobile phones, tablets and other handheld computing devices. In July 2013 Facebook announced that over 750 million of it’s users were accessing the network via mobile.
Response rates for social media is up to 35 times higher than for traditional print advertising.
16% of media shared via social media is shared on Pinterest.
Opportunities
Social networks present many opportunities, these range from the obvious; networking with friends and colleagues, to marketing and sales opportunities, both for individuals as well as for companies.
The extraordinary reach of social networking sites is something that companies need to pay attention to because of the positive and negative effects they can have on the business.
Sometimes you have happy customers and sometimes you don’t. by having a good monitoring and response mechanism in place you will be able to effectively gauge the buzz around your company and engage with your customers in the most appropriate way. But there are many books about this topic. This book is about securing your social media presence, whether you are a company or an individual.
Some forward thinking companies have recognised the opportunities afforded by social networking sites and have put steps in place to actively manage their use. For example, in the UK, BT has implemented custom tools that it’s customer services team use as an additional way to interact with its customers and the public at large. BT’s software continually scans the social media sites for references to the company, allowing the team to quickly respond to complaints and queries. This enables a greater level of customer retention.
A good social media strategy will also enable a company to measure the sentiment (or buzz) about a company or product, enabling better more focussed marketing opportunities. Good social networking policies for internal users also form part of an overall strategy to reduce the risk of insider threats posed by social networking sites (see Section on Risks below). These policies should be designed to prevent commercially sensitive information from leaking, while ensuring legal and regulatory compliance. Policies should be clear, concise and easily distilled into a few bullet points that can be published in a leaflet or poster, as part of an ongoing awareness campaign.
Companies that recognise the value of social media have demonstrated that success is achieved through empowering staff to undertake social media on behalf of the company in line with policy, and backed by an ongoing awareness programme.
Any company that still thinks that social networking sites are a fad and continue to actively block internal users from accessing these sites is behind the curve and it may already be too late for them to get on the bandwagon. Such attempts to block social networking sites only impede the development of enterprise social media initiatives and drives its use onto unsactioned personal machines and accounts.
The social network Pinterest, which relies heavily on visual images, recently started providing pricing information on products. This has led to a significant increase in referral sales for some retailers. J Crew decided in August 2013 to release their catalogue on Pinterest - (http://mashable.com/2013/08/19/jcrew-fall-catalog-pinterest/)
Risks
Social networking sites pose many risks, both to individuals and to companies.
Risks for individuals:
stalking
oversharing
grooming (children)
Risks for companies:
inappropriate disclosure of confidential information (pre-release)
ignoring social media. e.g. The Ethiopian Airways plane fire at Heathrow only elicits 2 tweets from Boeing and social media is ignored by the airline (http://www.thedrum.com/news/2013/07/13/boeing-sends-just-two-tweets-and-ethiopia-airlines-ignores-social-media-entirely).
automating responses to social media posts. e.g. recent interaction by BofA twitter bot (http://gizmodo.com/bank-of-americas-twitter-account-is-one-really-really-713634226). Britain’s Prime Minister tweeting at a parody account in error (http://grahamcluley.com/2013/07/david-cameron-fake-tweet/).
Overall risks:
potential for massive digital misinformation. The rapid spread of information (via social media) in a today’s connected world has potentially serious consequences. E.g. when hackers co-opted the AP twitter account and posted that President Obama was injured in an explosion at the White House, the stock market fell by 143 points. (http://www.guardian.co.uk/business/2013/apr/23/ap-tweet-hack-wall-street-freefall
The recent changes to libel laws in the UK (Jan 2014) means that it can be easier to take legal action against defamatory posts. An online comment, such as a tweet, is potentially libellous in England and Wales if it damages someone's reputation "in the estimation of right-thinking members of society". It can do this by exposing them to "hatred, ridicule or contempt".
Why Security? Why Now?
As I have demonstrated. Social network sites are important tools for the modern age, and they will continue to evolve.
Who is the customer and what is the product? Personal users of social media believe that they are the customers of social networking sites, like Facebook. Everyone must recognise that if they are getting something for free then the product is in fact their user data and the customers are those companies who are willing to pay for access to that data. Facebook, after all, is a company and they need to continue to make money in order to survive and continue providing social networking services to the public.
Social network access and use is important for everyone, both individuals and companies.
The safe use of these important tools has meant that a clearly documented set of steps needs to be created in order to facilitate their safe use. That is the purpose of this book.
Twitter is a quick to use microblogging platform. It has traditionally been a text based platform but has recently expanded into the sharing of photos and video.
The short and quick nature of being able to push out a thought or link has both positives and negatives (see above)
Report twitter violations using one of the forms (https://support.twitter.com/forms)
Use the Impersonation form if someone is pretending to be you.
(https://support.twitter.com/forms/impersonation).
Use 2-factor authentication, finally implemented right. (https://blog.twitter.com/2013/improvements-to-login-
verification-photos-and-more)
GOOGLE+
GENERAL
In a corporate environment consider using a third party password manager like lastpass to manage the passwords for multiple machines and multiple users. The lastpass master password being protected with google authenticator.
Legal implications of posting on social networks. New libel laws that have come into effect in the UK in Jan 2014.
Some general best practices:
1. Think before you post
2. Be aware of the libel laws (see above).
Comments
Post a Comment