A Contrarian View of Social Networking

Sure, LinkedIn and Facebook present security, privacy and productivity challenges. But if the sites are so bad, then why have so many security and privacy leaders joined them?

By
Wed, January 30, 2008

CSO — More doom and gloom news about social networking on the wires this week: The sites are allegedly costing nearly 6.5 billion pounds a year in lost productivity in the United Kingdom, says security consultancy Global Secure Systems and Infosecurity Europe. According to a press release, 776 office workers admitted spending at least 30 minutes a day visiting social networking sites at work. This comes on the heels of a report from Sophos that we covered last week, tracking how much time employees supposedly waste on Facebook.

Funny, though, CSO also just published an article about how a couple of the U.S.'s top security leaders have found sites such as LinkedIn and Facebook to be a useful tool for doing their jobs. Bill Boni of Motorola says LinkedIn makes him a more effective security leader, and CISO-turned-consultant Howard Schmidt—who seems to spend more time networking than anyone else I know—says the personal information he has learned about business contacts through Facebook has helped him forge stronger ties. (They offer advice on mitigating the security risks in "Social Networking Tips from Security Leaders" by Kate Walsh.)

Right before I went on maternity leave last spring, I was debating whether these sites were worth it. I even wrote a blog entry, "Poll: Is the Security World LinkedIn?", in which I asked the security community whether I ought to join. The results were mixed. A majority of people who answered the poll said LinkedIn was valuable, but some people posted very valid concerns about how the site, for instance, uses names from your address book to help you build a network, or about how the information you provide could be used as a profiling tool. True, all true, and at the time I decided to take a pass.

I came back from leave last fall to a new world. My boss actually asked me to join not one but two social networks as part of my job staying in touch with industry leaders and promoting our content. Since then, I've become fairly comfortable with LinkedIn, which is basically just an online resume. Facebook I'm not so sure about, but it's an interesting place to experiment with gathering opinions and sharing news.

My knee-jerk reaction is still that these sites are a bad idea, security-wise and privacy-wise. They also tend to suck time—it takes a whole lot of self-restraint to log on just long enough to do something work-related, then log out and move onto the next thing. But the reality is that every time I poke around in the connections of my connections, I'm surprised at the number and quality of security and privacy professionals who have decided the sites are worth it. For whatever reasons, the security world seems to have embraced LinkedIn, while the privacy world has gravitated to Facebook—but leaders from both areas are definitely embracing social networking.

Despite all the morose headlines about social networking as a killer of privacy and security, I'm inclined to start thinking that if the leaders in these industries are using the sites, they must not be such a bad idea. As for the naysayers? As Howard Schmidt put it to CSO's Kate Walsh: "My response to those in the security business lamenting the existence of Facebook and MySpace is to ask them if theyâ¬"ve ever been on it.⬝

So I ask you now: When can we stop assuming that social networks are just a waste of time that's not worth the risk? Or perhaps a more forward-looking question: How can we tell when social networking is actually helping an employee do her job, versus keeping her from her job or even making her employer vulnerable? This morning I posted a link to a CSO story on Facebook; that's work, about public information. A game of Scrabulous on Facebook—well not so much work, right? Unless, of course, Howard Schmidt challenges me to a game.

White Papers »
Overcome Top 7 Admin Challenges of Active Directory
As Active Directory's role in the enterprise has drastically increased, so has the need to secure the data. Gain insight on creating repeatable, enforceable processes that reduces administrative overhead and enables robust, customizable reporting and auditing capabilities. Brought to you by NetIQ.
Top Solutions and Tools to Prevent Devastating Malware
Custom malware frequently goes undetected. According to Forrester Research, the best way to reduce risk of breach is to deploy file integrity monitoring (FIM) tools that provide immediate alerts. This white paper has been brought to you by NetIQ, the leader in solving complex IT challenges.
Insiders Can Ruin Your Company. Take Action.
Did you know that 80 percent of threats to an organization come from the inside? The threat from insiders is often overlooked in organizations worldwide. This white paper from NetIQ, discusses key technology solutions that help to prevent and detect insider threats.
X-Ray of the PCI Process-4 Proactive Steps
This white paper from Forrester Research Inc., helps break PCI into understandable components. Security and risk professionals will gain knowledge and insight into creating a compliant and secure IT environment. Follow these four proactive steps now before your next audit. Brought to you by NetIQ.
Streamline Compliance and Increase ROI
Streamline, simplify, and automate compliance related activities; especially those that impact multiple business units. This white paper from NetIQ, outlines solutions that will help your business gain the maximum return on investment possible while aligning your compliance programs.
Has Your Server Infrastructure Kept Pace with End User Demands?
Learn how your answer to this question compares to your peers by taking this quick poll. See how your peers are dealing with the challenge of ensuring a highly capable server infrastructure as technological shifts impact the application server platform.
Webcasts »
Virtualization Success is a Team Effort
As greater numbers of datacenter servers transition from the physical to the virtual world, the components of virtualization success come to the fore. What scores of organizations have discovered is that success is derived from an optimal pairing of the right software platform with the right hardware platform.
Optimizing Networks for the Cloud
Join guest speaker, Rohit Mehra, IDC Director of Enterprise Communications Infrastructure, to explore current trends, discuss best practices for optimizing Data Center and enterprise campus network infrastructures for the Cloud, and identify ways to better allocate network resources, reduce operating costs and improve application performance.
Customer Spotlight: How IPC The Hospitalist Company Implemented Oracle on VMware
Have you been looking to hear about customer's experiences with the new VMware vCenter Site Recovery Manager product? View this webcast to learn about VMware customer, Navicure, and their experiences testing and evaluating the recovery manager, their progress in implementing it in their environment and their advice other customers considering using vCenter.
Apps QuickStart Series Part 2: Designing and Deploying SQL Server on VMware vSphere
Download this webcast to learn about the design considerations for virtualizing SQL workloads, performance and scalability information and high-availability options, as well as support considerations
Apps QuickStart Series Part 1: Designing and Deploying Exchange 2010 on VMware vSphere
Download this webcast to learn the virtual hardware design considerations for Exchange 2010, deployment using the building block approach, options for high-availability and disaster recovery and support considerations.
Virtualizing Microsoft and Oracle on VMware vSphere: Benefits and Best Practices
Virtualizing business-critical applications is an essential step in your journey to the cloud. Microsoft SQL Server, Exchange and SharePoint, and Oracle applications, are often the backbone of business IT. The benefits of virtualizing these applications extend far beyond mere consolidation. Understanding how VMware improves quality of service and agility while reducing costs will help you make the case for taking virtualization to the next level in your company.
Newsletter Sign-Up »

Receive the latest news test, reviews and trends on your favorite technology topics

Choose a newsletter
  11. View all Newsletters | Privacy Policy
White Papers » All White Papers

Overcome Top 7 Admin Challenges of Active Directory

Top Solutions and Tools to Prevent Devastating Malware

Insiders Can Ruin Your Company. Take Action.

X-Ray of the PCI Process-4 Proactive Steps

Streamline Compliance and Increase ROI

Has Your Server Infrastructure Kept Pace with End User Demands?

Delivering a Greener Data Center

Cloud-Scale Networks Using Open Fabric Architectures

Mobility in the Network: A Phased Technology Approach

Smarter Commerce is redefining value chain visibility

Digital Transformation: Creating New Business Models Where Digital Meets Physical

IBM Synchronizes its Commerce 2.0 Strategy with 'Smarter Commerce' Initiative

Identity Governance: The Business Imperatives

CA Technology Brief: CA Point of View: Content Aware Identity & Access Management

Enterprise Strategy Group: The Case for a New Data-centric DLP White Paper

Data Loss by the Numbers

Data Loss Prevention Solution for Managing E-Discovery

Best Practices in Data Protection - Executive Summary

Business Centric DLP

ESG Lab Validation Report: HP Data Protector & Deduplication Solutions
Resource Center
buy a link »
Ads by TechWords