Social Networking Sites Posing Risk to Organizations’ Information Security

Reinhardt Buys, Senior Manager for Technology Law of Deloitte & Touche, says that social-networking websites like Facebook could be a threat to the online security of businesses or other organizations, as reported by Cape Argus on May 25, 2009.

Buys elaborated, while Twitter and Facebook or other social-networks and various blogs could prove powerful utilities for users, they are also risky as they greatly challenge the internal security of organizations.

A recent poll by Deloitte & Touche reveals that the information security of a company could be in danger as security flaws in Web 2.0 technologies are exploited and social engineering tactics like phishing and pretexting are employed to attack them.

The security specialists state that phishing and pretexting are fraudsters' methods to scam end-users so that they hand over their personal information to scammers who pose as legitimate businesses.

In pretexting, a fraudster poses as a business entity - for e.g. a bank that allegedly asks a consumer for his account details, whereas phishing is something more, as in this the fraudster not only poses as a reputed business entity but also sets up a counterfeit website by which he tries to seize the consumer's information.

Buys further adds that these threats are on the rise while organizations are spending less on the security of Internet technology. The poll found that 33% of those questioned were cutting down their budgets for IT security, while 60% felt their handling of security threats was not sufficient. Moreover, merely 6% of respondents said they allotted around 7% of their information technology finances for security.

Commenting on the poll results, Buys said they suggest that organizations are clearly reducing their resource allocations in 2009 which is adversely affecting the security of technology, telecommunication and media organizations, as reported by Mail & Guardian Online on May 26, 2009.

Additionally, a survey by Tesco Personal Finance of 2,000 British social-networking websites users revealed that 57% willingly posted their birth-date on personal pages, 56% divulged their home town's name and 31% their job secrets, suggesting that in spite of being aware of the probable dangers, people continued to divulge their personal details.

Related article: SoCal Computer Hack Traces to Watsonville

» SPAMfighter News - 5/29/2009