Information Security in the World of Social Media

Learning to Speak

Imagine a world where people just learned to speak. The populace rejoyces from the sharing of stories and jokes. People exchange opinions and know-how in new and exciting ways. Who is unhappy about the development of vocalized words? The data guardians: information security personnel, corporate compliance officers and risk managers. It is just too hard to control access to sensitive materials when sound travels freely, they complain. Loose lips sink ships, the saying goes.

Learning to Write

Imagine a world where people just learned to write. Information flows at unprecedented rates, with written manuals codifying best practices and poems lauding the world and its people. Infosec and their colleagues are concerned. Its too easy to leak data now. What about compliance with confidentiality agreements and regulations? How will we keep auditors at bay? Written words are for nerds, they proclaim, hoping to rein in the written menace.

Learning to Internet

Imagine a world where people across the world share thoughts instantaneously and cheaply. Ideas flow regardless of geographic boundaries. Keeping in touch with friends is as easy as glancing at a mobile device in the palm of your hand. That is the world of Internet social media and social networking. We’re living in it now. Information security professionals are, of course, concerned. On-line sharing makes enterprises weary.

Making Sense of the New World

Of course, I am unfairly vilifying infosec individuals, among whose ranks I work and play. We operate as part of an IT risk management ecosystem and are paid to be cautious. It is natural for us to worry about data controls. This is especially true when the technological and cultural forces that encourage data sharing are ahead of information protection tools and processes.

Yet, people are social creatures who will continue to interact with each other in novel ways despite corporate policies. Infosec can join the conversation and understand the new communication media. Together with our colleagues we can find a way to exchange data in innovative yet responsible ways. Collaboration is our salvation. Cliché, I know.

For more on this topic, see my other posts that discuss social networking, social media and security.

Lenny Zeltser

Updated

About the Author

Lenny Zeltser is a seasoned business and technology leader with extensive information security experience. He builds creative anti-malware solutions as VP of Products at Minerva. He also trains incident response and digital forensics professionals at SANS Institute. Lenny frequently speaks at industry events, writes articles and has co-authored books. He has earned the prestigious GIAC Security Expert designation, has an MBA from MIT Sloan and a Computer Science degree from the University of Pennsylvania.

Learn more