Social media security challenges
-
date post
19-Oct-2014 -
Category
Technology
-
view
1.764 -
download
3
description
Transcript of Social media security challenges
1
Social Media Security Challenges
Aleksandr Yampolskiy, Ph.D.(Gilt Groupe)
3
What is Social Media?
Benefits of Social Media
Reach out to customers quicker Brand recognition
Recruiting
Risks of Social Media5
Twitter XSS bugMyspace Samy worm
Facebook spear-phishingFacebook page of MI6 chief’s wife
Pros/Cons of Social Media
6
To summarize:
Positive benefits- Recruiting efforts through LinkedIn- Gilt brand expansion (Facebook, Twitter)- Blogging about latest fashion trends- Get the message out faster and to more people
Negative risks- Expands the network perimeter- Makes social engineering easier- Potential for data leakage- Malware, phishing, spoofing
Our solutions1. Heavily based on policy and training• Include a chapter in InfoSec policy about Social Media.• Define what social media is (blogs, networking sites, facebook, etc.)• Define what’s allowed to post and what’s not (no confidential info, no
negative comments about compettiors, etc.)• Who does the policy apply to? (everyone? Just pr or marketing?)
2. Permissive posture. Track usage of sites at firewall level but don’t block them.
3. These are just web 2.0 apps. So same rules apply.• Phishing prevention• Secure coding principles
4. Remind employees to use different personal passwords and corporate passwords.
7
8
Sample Threat Matrix For Social Media
Data leakage
on Twitter
Facebook malware
Spear-phishing
9