If It’s (not) Good Enough for the Marines: Social Sites and Security

Last month, a variety of federal employees complained at Beth Noveck’s presentation in Second Life that they have problems doing their tech jobs and work in Second Life because the sites are blocked at their place of work, asking Beth to look into this issue and finding ways to open up access to social sites in federal workspaces. Beth wryly admitted to having the same problems in her own office! At the same time, there were reports of chronic long-standing problems with Twitter’s security, including identity theft, false identities, account theft, and account deletion.

Last week the Department of Defense said they might be banning social networking sites like Facebook and Twitter as security risks. Yesterday the Marines announced they are definitely blocking the sites from access for certain areas of the network, while they will continue to be accessible for certain specified purposes and locations. Today, Price Floyd, the Principal Deputy Assistant Secretary of Defense for Public Affairs, began polling his Twitter followers on whether access is really necessary from government work computers.

Price Floyd Tweet

Also today there were even more reports of Twitter malware, a marvelous overview of Web 2.0 security issues by Jennifer Leggio (aka Mediaphyter), and a letter was released by Ben Shneiderman, a famous artificial intelligence researcher, and several of his peers. The letter was sent to President Obama requesting that serious attention be given to social and participatory technologies that support both the Open Government movement, communication between the leaders and the rest of the country, as well as supporting improved communication among government workers.

“This new phenomenon would also lead to the construction of social participation tools, and it is conceivable — though much less certain — that extremely powerful collaborations of this type may thus be constructed. A single collaboration of this type, promoted by the Internet and mobile devices, might very well revive the economy of whole cities and regions. Other applications might enable efficient citizen reporting during disasters, support rapid health care information dissemination during pandemics, generate a wealth of expert guidance on government issues, and promote widespread community or national service. The lessons of history teach us that any potent technology can have negative outcomes, so careful attention is needed to anticipate and minimize these dangers.”
Shneiderman B, Preece J, Pirolli P, Smith MA, Marchionini G, Lazar J. An open letter to Obama, in support of social participation. Federal Computer Week Aug 05, 2009. http://fcw.com/articles/2009/08/03/commentary-shneiderman-letter-to-obama.aspx

In an earlier post in this series, the topic was licensing. Once you start thinking about legal issues, security and privacy issues follow quickly. This seemed like a good time to to touch on the topic, at least briefly. Obviously you do want to think about these issues and include this in your social media plan.

The main issues seem to be these: identity theft of your real life information (such as passwords and email), identity theft in which someone takes an account with your brand (squatters) and pretends to be you, and content theft. Each one of these is easily worthy of its own post, so count on my coming back to them. For today, here are just a few places you can start with for formulating your own thoughts on security in social sites.

Facebook: Security: http://www.facebook.com/security

Sophos: Security: Best Practice: Simple steps to avoid identity theft on Facebook: http://www.sophos.com/security/best-practice/facebook.html
See also:
Sophos: A to Z of Computer Threats: http://www.sophos.com/sophos/docs/eng/sophos-a-to-z.pdf

Internet Security Zone: Twitter Viruses, Scams & Attacks – How to Protect Yourself: http://blog.zonealarm.com/blog/2009/06/twitter-viruses-scams-and-attacks-how-to-protect-yourself.html

Best of all, here is a one page example policy for companies and enterprise solutions to consider adopting or modifying for their own purposes.

Shift Communicators: Top 10 Guidelines for Social Media Participation at (Company): http://www.shiftcomm.com/downloads/socialmediaguidelines.pdf

The same thoughts and strategies expressed in the recommended readings above tend to apply to other social networking and social media sites. In addition, always have a back up for your content (which is another post topic!).


One response to “If It’s (not) Good Enough for the Marines: Social Sites and Security

  1. and if you are worried about Facebook, then backup your account – SocialSafe will do the job – http://www.socialsafe.net


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s