Slideshows

Don't Friend Your Enemies: The Insecurity of Social Media

Don't Friend Your Enemies: The Insecurity of Social Media Don't Friend Your Enemies: The Insecurity of Social Media

Exercise Vigilance


Social networks and mobile platforms have made the software you use more vulnerable. Attackers have nearly unlimited time, sills and resources to exploit the vulnerabilities. Keep on top of what threats are developing. To monitor for unknown threats, develop heuristics that can detect unusual code or activity. Develop baseline metrics; monitor for unusual spikes in network activity or traffic destinations.

Don't Friend Your Enemies: The Insecurity of Social Media Don't Friend Your Enemies: The Insecurity of Social Media

Clarity in the Cloud.


Be careful about what data to put in the cloud. Know where the data will be housed. Assign responsibility for security. Set security priorities. Review policies and performance regularly.

Don't Friend Your Enemies: The Insecurity of Social Media Don't Friend Your Enemies: The Insecurity of Social Media

Leave It Home


Particularly when traveling abroad, leave the mobile phone at home. Do not take it with you. Arrange to have a temporary replacement that you can afford to lose and which contains no personally identifiable information or sensitive company documents, spreadsheets or the like.

Don't Friend Your Enemies: The Insecurity of Social Media Don't Friend Your Enemies: The Insecurity of Social Media

Lock It Down


Many types of smartphones (and, now, tablets) can be configured to lock down browser access, limit downloading of outside applications and keep control over other functions. Create and maintain “white lists” of approved applications. Configure devices to block scanning, sniffing and tampering.

Don't Friend Your Enemies: The Insecurity of Social Media Don't Friend Your Enemies: The Insecurity of Social Media

The Problem with iPads & iPhones.


Mobile devices are relatively easy, low-risk points of entry for attackers. They can be remotely monitored for passwords, account numbers and personal identification data.

Don't Friend Your Enemies: The Insecurity of Social Media Don't Friend Your Enemies: The Insecurity of Social Media

Beware of Your Background..


Adversaries can use data extracted or derived from social media sites and public sites on the Web to figure out the affinities of executives and board members, past career moves and anything that might give a hint to passwords or other means of getting through authentication systems. The information gleaned from your executives’ “digital exhaust” can be used for attacks or identity theft. At stake: Account access.

Don't Friend Your Enemies: The Insecurity of Social Media Don't Friend Your Enemies: The Insecurity of Social Media

Meet the Spear Fisher


Hackers are now specifically targeting high-level executives and board members to gain control of corporate information systems and resources, according to Deloitte & Touche principal Edward Powers. The practice is called “spear-fishing.”

Don't Friend Your Enemies: The Insecurity of Social Media Don't Friend Your Enemies: The Insecurity of Social Media

Don't Friend Your Enemies: The Insecurity of Social Media


Financial firms are still trying to develop coherent social media strategies. But don’t race into it: the risks are not well understood. And you may already be giving out too much information about the most important people in your organization: top executives and members of your board.


This presentation is gleaned from “The Future of Security: Evolve or Die,’’ produced by Edward Powers, a principal and security specialist at Deloitte & Touche LLP.

Financial firms are still trying to develop coherent social media strategies. But don’t race into it: the risks are not well understood.

Already a subscriber? Log in here