Here is the fifth part of the blog series on cyber security, following its fourth part on password management that describes the concept of social networking and a few tips to follow to have safe networking online.
Social networking is a medium for managing social relations, both personal and professional, using the Internet. Social networking web sites such as Twitter, Facebook, LinkedIn, etc., provide a convenient and efficient online interface for communication with multiple people in a user-friendly manner. People are connected to their friends, family, colleagues, and followers in real-time, even on-the-go using mobile devices. Important events in people’s lives and people’s opinions on any subject seem to be communicated to all only via the social networking medium.
Social networking sites can be used to reach a wide audience very quickly through multiplier effects, e.g. people re-tweeting somebody else’s tweet. Therefore social networking is regularly used to communicate positive content. Sometimes certain content can become so popular amongst the masses that its immediate and far-reaching spread is described as “going viral”.
Unfortunately social networking sites can easily be abused to deliver negative content, intentionally or unintentionally. In addition, social networking sites are time and bandwidth consuming, and help to spread malware, therefore are particularly unwelcome within a work environment.
There are several risks associated with social networking which should be understood and managed effectively:
Users of social networking sites tend to post Personally Identifiable Information (PII) such as bank account and medical information, birthday, phone number, address, etc. online which can be used against them in harmful ways by other users, including professional criminal gangs. This is because information posted online may be accessible publicly. There are examples of burglaries which take place because users are known to be on holiday, leaving their houses empty. Users are advised to:
- think twice before sharing PII online
- read the Terms & Conditions of the social networking site carefully to verify what information is considered shareable and with whom
- consider configuring privacy settings on social networking sites to protect PII better
- avoid online surveys which extract PII
People in the virtual space of social networking sites cannot have their profiles pre-verified for authenticity so it is possible to create fake profiles which can be used to lure or spy on victims. Children are particularly vulnerable to being stalked by dangerous elements harbouring prurient ideas. In addition cases of use of abusive content to terrorize users are common. These actions are called cyber bullying and trolling, and can take a devastating toll on a person’s mental state. The following security guidelines are recommended:
- Users should never accept an anonymous friend request.
- It is important to use Parental Control software such that in K7 Total Security which allows blocking of certain sites or at least enforces restrictions on the time spent on certain sites.
Cyber criminals can spread malware and spam through social networking sites, causing users to expose their computer to infections. The following security guidelines are recommended:
- Users should never click on the links on anonymous chats
- Users should never download media files, including images and videos, from unknown sources.
- Use strong passwords to avoid account hijacking and periodically cross-verify that privacy settings have not been modified.
- It is important to use world-class, up-to-date Anti-Virus software such as K7 Total Security to protect against malicious files and block phishing and malware website links.
The resource-wasting aspect of social networking sites within an office environment can be prevented by blocking social networking sites locally using K7 Total Security or across managed computers using a central policy deployed by K7 Management Console.
Social networking has even been abused to spread disinformation and propaganda to engender a polarizing effect and mass panic amongst communities, which can be considered a national security threat. This implies that the content on social networking sites needs to be monitored closely and corrective actions taken as per the prevailing laws when security issues arise.
…to part 6: digital signatures
Images courtesy of:
K7 Threat Control Lab
If you wish to subscribe to our blog, please add the URL provided below to your blog reader: http://blog.k7computing.com/feed/