Is Facebook a danger to your business data?

We are all now familiar with the likes of MySpace and ­Facebook, and I am sure that many reading this article will have published their profiles, comments, moods and questions, and will have a list of online "friends".

We are all now familiar with the likes of MySpace and ­Facebook, and I am sure that many reading this article will have published their profiles, comments, moods and questions, and will have a list of online "friends".

The organisation I work for has its own network on one of the more common social networks, and I know from analysing the web ­access logs that many members of that network use the site during office hours.

One of the risks of social networking is identity management. Suppose you receive a request to connect with someone on the popular LinkedIn network. How can you know that the request is from the named individual, and not from an impostor looking to gather data about your firm?

Danger of the unknown

A fundamental flaw of all social networks is the lack of identity validation. Anyone can pretend to be anyone.

In July, New Scientist magazine highlighted this problem as it manifests itself on Facebook, where spammers create realistic profile pages that make them look like ordinary users. They then persuade people to accept them as friends, giving the spammer access to the victim's inbox, which they flood with Viagra ads and pornographic links.

Social networking sites do have their advantages. We can see if our contacts are online and interact with them in real-time. Having real-time access to a community or network of experts can create real business efficiencies and accelerate business processes.

Social networking is changing the way we interact. The catch is that there are presently no rules, and that makes it a dangerous environment.

Changing boundaries

One of the most important aspects of social networking from my point of view is that business use of social networks extends outside the organisation. Therefore, our boundaries become extended and the potential vectors to access to our data increase. From a user's point of view, the distinction between personal and business identities begins to blur.

Facebook's privacy policy runs to more than 3,200 words, with a disclaimer stating that the policy can change at any time without warning. Would you trust this company with your private data?

There are no guarantees and no restrictions about how Facebook can use the huge quantity of data that it holds. It is a marketeer's dream and a hugely valuable asset for the owners. Do not forget that Facebook was not designed for business it was intended as a fun "social utility" for students.

Despite the risks of using social networking sites, many of us do so - including me. The future will see more development of these sites, tighter integration with our business tools, and more risk to privacy.

The message has got to be "use with caution". Do not publish anything you are likely to regret later, because the likelihood is that your online content will live on longer than you might wish it to.

Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close