If you have been using social media or are curious of the security of this emerging technology you may be interesting reading my recently published article in issue 21 of (IN)SECURE Magazine. In my article I discuss why companies are starting to use social media, the benefits/risks and what information may be posted about your company on social media/networking web sites. I also talk about some cost effective tools your company can use to start your own social media monitoring program (without spending a ton of cash) and how to put in place guidelines for employees regarding the use of social media. Yes, even if you block these sites in the workplace employees are going to use social media/network sites outside of work if you like it or not…you had better get used to it and adapt your policies!
This article started from me actually seeing how much information there is about businesses within social networks. Both good and bad! The information I have found has been extremely valuable when conducting penetration tests. In fact, this information can be so valuable that you may be surprised how easy it is to use this information for social engineering or more…the possibilities are endless. As I pointed out in my article, get together with the business leaders in your marketing and/or public relations group and talk about social media and how to use it with a bit of security and privacy in mind. You might be surprised how receptive they are to the input from a security professional!