By Kevin Prince, Chief Technology Officer, Perimeter eSecurity
Social Networking is a phenomenon that has officially grown out of control. I mean that literally. It has grown to the point where neither the users nor the social networking companies themselves can control these monsters that have been created. It reminds me of the movie Jurassic Park where John Hammond, a wealthy older man, wanted to build something no one else had ever done: a fun theme park combined with a zoo of cloned dinosaurs. He built what he thought would be adequate security, but in reality, didn't understand nearly enough about the environment he was trying to control. People naturally trusted that proper security was in place and that they would of course be safe. Quickly things spiral out of control and nearly everyone gets eaten by the end of the movie.
Social networking sites are simply one type of cloud computing service. They have (in my opinion) one of the biggest targets on their back for fraudsters and criminals. This isn't a surprise based on the popularity of these sites, most of which have already had many security breaches far too many to discuss individually here. Social networking sites contribute to the problem by making it easy to register, login, remember your login credentials, and reset your password. They also make it very easy to spoof other users, install malware, send SPAM, or any number of other nefarious acts. Then there is a host of 3rd party applications and service providers that interact with these services with little in the way of what most security professionals would consider adequate security. The combination of weak security procedures built into cloud computing services, 3rd party interactions, a user culture of "ease of use" trumping security, and the blending of corporate and personal lives is a formula for disaster.
Named Chief Technology Officer of Perimeter in 2009, Kevin Prince spearheads the company's technology strategy and leads the technical team in working closely with its customers to manage all of the complexity and compliance requirements of securing information across the enterprise.
Read more...
Most Popular
Please wait...
RSS
