Enviar búsqueda
Cargar
Social media and security essentials.pptx
•
3 recomendaciones
•
1,399 vistas
Pink Elephant
Seguir
Tecnología
Denunciar
Compartir
Denunciar
Compartir
1 de 36
Descargar ahora
Descargar para leer sin conexión
Recomendados
How to Like Social Media Network Security
How to Like Social Media Network Security
Brian Honan
Social Media Security Risk Slide Share Version
Social Media Security Risk Slide Share Version
famudal
Social media and Security risks
Social media and Security risks
Parakum Pathirana
Social media and Security: How to Ensure Safe Social Networking
Social media and Security: How to Ensure Safe Social Networking
Ishfaq Majid
Social media risk
Social media risk
Mosoco Ltd
How Safe Is YOUR Social Network?
How Safe Is YOUR Social Network?
Blue Coat
Online Social Networks: 5 threats and 5 ways to use them safely
Online Social Networks: 5 threats and 5 ways to use them safely
Tom Eston
SOCIAL NETWORK SECURITY
SOCIAL NETWORK SECURITY
MarketingatBahrain
Recomendados
How to Like Social Media Network Security
How to Like Social Media Network Security
Brian Honan
Social Media Security Risk Slide Share Version
Social Media Security Risk Slide Share Version
famudal
Social media and Security risks
Social media and Security risks
Parakum Pathirana
Social media and Security: How to Ensure Safe Social Networking
Social media and Security: How to Ensure Safe Social Networking
Ishfaq Majid
Social media risk
Social media risk
Mosoco Ltd
How Safe Is YOUR Social Network?
How Safe Is YOUR Social Network?
Blue Coat
Online Social Networks: 5 threats and 5 ways to use them safely
Online Social Networks: 5 threats and 5 ways to use them safely
Tom Eston
SOCIAL NETWORK SECURITY
SOCIAL NETWORK SECURITY
MarketingatBahrain
Security threats in social networks
Security threats in social networks
Tannistho Ghosh
Social media & cyber crime
Social media & cyber crime
atifkhanniazi
Privacy issues in social networking
Privacy issues in social networking
Bryan Tran
20160317 ARMA Wyoming Social Media Security Threats
20160317 ARMA Wyoming Social Media Security Threats
Jesse Wilkins
Security Dangers of Social Networking
Security Dangers of Social Networking
BillBrenner70
Social Networking Security Issues
Social Networking Security Issues
Mangesh Gunjal
The Social Media Bait - Fraud & Cybercrime
The Social Media Bait - Fraud & Cybercrime
Parag Deodhar
Privacy and Social Networks
Privacy and Social Networks
blogzilla
Misuse of social media
Misuse of social media
AM Oh
The issues of security and privacy in social network
The issues of security and privacy in social network
Noori Sadeq
Cyber security for women using mobile devices
Cyber security for women using mobile devices
J A Bhavsar
Cyberspace slide show
Cyberspace slide show
Beckusq
Security and social media
Security and social media
JP Rains, MBA
Ethical and safe internet use
Ethical and safe internet use
BurkeV
Infocom Security
Infocom Security
mmavis
Security in social network araceli&arlethe
Security in social network araceli&arlethe
tecnologico de tuxtepec
Social media and ethics
Social media and ethics
Yvette Babs Walker
Cybersafeelementary
Cybersafeelementary
Rick Ohren
C3 and digital citizenship
C3 and digital citizenship
JuliaHoesingVanderMolen
Actiance - BDI 6.14.11 Mobile Financial Services Communications Leadership Forum
Actiance - BDI 6.14.11 Mobile Financial Services Communications Leadership Forum
Business Development Institute
On The Business of social media
On The Business of social media
Doug Winfield
Leverage social media for customer interaction
Leverage social media for customer interaction
Info-Tech Research Group
Más contenido relacionado
La actualidad más candente
Security threats in social networks
Security threats in social networks
Tannistho Ghosh
Social media & cyber crime
Social media & cyber crime
atifkhanniazi
Privacy issues in social networking
Privacy issues in social networking
Bryan Tran
20160317 ARMA Wyoming Social Media Security Threats
20160317 ARMA Wyoming Social Media Security Threats
Jesse Wilkins
Security Dangers of Social Networking
Security Dangers of Social Networking
BillBrenner70
Social Networking Security Issues
Social Networking Security Issues
Mangesh Gunjal
The Social Media Bait - Fraud & Cybercrime
The Social Media Bait - Fraud & Cybercrime
Parag Deodhar
Privacy and Social Networks
Privacy and Social Networks
blogzilla
Misuse of social media
Misuse of social media
AM Oh
The issues of security and privacy in social network
The issues of security and privacy in social network
Noori Sadeq
Cyber security for women using mobile devices
Cyber security for women using mobile devices
J A Bhavsar
Cyberspace slide show
Cyberspace slide show
Beckusq
Security and social media
Security and social media
JP Rains, MBA
Ethical and safe internet use
Ethical and safe internet use
BurkeV
Infocom Security
Infocom Security
mmavis
Security in social network araceli&arlethe
Security in social network araceli&arlethe
tecnologico de tuxtepec
Social media and ethics
Social media and ethics
Yvette Babs Walker
Cybersafeelementary
Cybersafeelementary
Rick Ohren
C3 and digital citizenship
C3 and digital citizenship
JuliaHoesingVanderMolen
Actiance - BDI 6.14.11 Mobile Financial Services Communications Leadership Forum
Actiance - BDI 6.14.11 Mobile Financial Services Communications Leadership Forum
Business Development Institute
La actualidad más candente
(20)
Security threats in social networks
Security threats in social networks
Social media & cyber crime
Social media & cyber crime
Privacy issues in social networking
Privacy issues in social networking
20160317 ARMA Wyoming Social Media Security Threats
20160317 ARMA Wyoming Social Media Security Threats
Security Dangers of Social Networking
Security Dangers of Social Networking
Social Networking Security Issues
Social Networking Security Issues
The Social Media Bait - Fraud & Cybercrime
The Social Media Bait - Fraud & Cybercrime
Privacy and Social Networks
Privacy and Social Networks
Misuse of social media
Misuse of social media
The issues of security and privacy in social network
The issues of security and privacy in social network
Cyber security for women using mobile devices
Cyber security for women using mobile devices
Cyberspace slide show
Cyberspace slide show
Security and social media
Security and social media
Ethical and safe internet use
Ethical and safe internet use
Infocom Security
Infocom Security
Security in social network araceli&arlethe
Security in social network araceli&arlethe
Social media and ethics
Social media and ethics
Cybersafeelementary
Cybersafeelementary
C3 and digital citizenship
C3 and digital citizenship
Actiance - BDI 6.14.11 Mobile Financial Services Communications Leadership Forum
Actiance - BDI 6.14.11 Mobile Financial Services Communications Leadership Forum
Similar a Social media and security essentials.pptx
On The Business of social media
On The Business of social media
Doug Winfield
Leverage social media for customer interaction
Leverage social media for customer interaction
Info-Tech Research Group
Estudio sobre ONG y redes sociales
Estudio sobre ONG y redes sociales
Esther Vargas
Nonprofit Social Network Survey Report
Nonprofit Social Network Survey Report
AIDiM
Faculty presentation 21 st december 2015
Faculty presentation 21 st december 2015
Kamoru Abiodun Balogun(Bsc,MIT,CCNA,OCA,PhD inview UPM)
Dreamforce 2012 Keynote "Business is Social"
Dreamforce 2012 Keynote "Business is Social"
Al Falcione
Building Online Communities
Building Online Communities
Lisa Trager
Social Networking in Government
Social Networking in Government
guest2343f9
Dreamforce 2011 Social Enterprise Marc Benioff Keynote
Dreamforce 2011 Social Enterprise Marc Benioff Keynote
NAES Corporation
2011 shift index social media activity
2011 shift index social media activity
Uday Abdurrahman
Social Media for Business - Soton MBA
Social Media for Business - Soton MBA
Lisa Harris
Cloudforce Essentials Halifax Keynote - Oct 3
Cloudforce Essentials Halifax Keynote - Oct 3
nwyne
Chapter 1 Power Point Comm*3533 Dr. Mirrer
Chapter 1 Power Point Comm*3533 Dr. Mirrer
calixteb
Workforce Intelligence and Social Analytics: Opportunity at the Confluence
Workforce Intelligence and Social Analytics: Opportunity at the Confluence
Yvette Cameron
Datamatix gitex conference_govt_social_media_22_oct_2013
Datamatix gitex conference_govt_social_media_22_oct_2013
Dr Usman Zafar
Social Media and Identity
Social Media and Identity
Alexander Howard
Social Media and Identity
Social Media and Identity
Alexander Howard
Arab Social Media Report
Arab Social Media Report
seldemerdash
Arab social media report Jan 2011
Arab social media report Jan 2011
hug Digital
Social Media In Financial Services London Conference
Social Media In Financial Services London Conference
EmPower Research, a Genpact company
Similar a Social media and security essentials.pptx
(20)
On The Business of social media
On The Business of social media
Leverage social media for customer interaction
Leverage social media for customer interaction
Estudio sobre ONG y redes sociales
Estudio sobre ONG y redes sociales
Nonprofit Social Network Survey Report
Nonprofit Social Network Survey Report
Faculty presentation 21 st december 2015
Faculty presentation 21 st december 2015
Dreamforce 2012 Keynote "Business is Social"
Dreamforce 2012 Keynote "Business is Social"
Building Online Communities
Building Online Communities
Social Networking in Government
Social Networking in Government
Dreamforce 2011 Social Enterprise Marc Benioff Keynote
Dreamforce 2011 Social Enterprise Marc Benioff Keynote
2011 shift index social media activity
2011 shift index social media activity
Social Media for Business - Soton MBA
Social Media for Business - Soton MBA
Cloudforce Essentials Halifax Keynote - Oct 3
Cloudforce Essentials Halifax Keynote - Oct 3
Chapter 1 Power Point Comm*3533 Dr. Mirrer
Chapter 1 Power Point Comm*3533 Dr. Mirrer
Workforce Intelligence and Social Analytics: Opportunity at the Confluence
Workforce Intelligence and Social Analytics: Opportunity at the Confluence
Datamatix gitex conference_govt_social_media_22_oct_2013
Datamatix gitex conference_govt_social_media_22_oct_2013
Social Media and Identity
Social Media and Identity
Social Media and Identity
Social Media and Identity
Arab Social Media Report
Arab Social Media Report
Arab social media report Jan 2011
Arab social media report Jan 2011
Social Media In Financial Services London Conference
Social Media In Financial Services London Conference
Más de Pink Elephant
Pink Think Tank 2015
Pink Think Tank 2015
Pink Elephant
Pink Think Tank 2015
Pink Think Tank 2015
Pink Elephant
Implementing Service Level Management
Implementing Service Level Management
Pink Elephant
The Seven Enablers & Constraints Of IT Service Management - Research Update 2011
The Seven Enablers & Constraints Of IT Service Management - Research Update 2011
Pink Elephant
10 things all it managers need to know about social media.pptx
10 things all it managers need to know about social media.pptx
Pink Elephant
Social media it support.pptx
Social media it support.pptx
Pink Elephant
Social media a strategic business perspective.ppt
Social media a strategic business perspective.ppt
Pink Elephant
Más de Pink Elephant
(7)
Pink Think Tank 2015
Pink Think Tank 2015
Pink Think Tank 2015
Pink Think Tank 2015
Implementing Service Level Management
Implementing Service Level Management
The Seven Enablers & Constraints Of IT Service Management - Research Update 2011
The Seven Enablers & Constraints Of IT Service Management - Research Update 2011
10 things all it managers need to know about social media.pptx
10 things all it managers need to know about social media.pptx
Social media it support.pptx
Social media it support.pptx
Social media a strategic business perspective.ppt
Social media a strategic business perspective.ppt
Último
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
Fwdays
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
Fwdays
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
Kalema Edgar
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
DianaGray10
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Mark Simos
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
Fwdays
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
UiPathCommunity
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
Lars Bell
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
Addepto
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
Pixlogix Infotech
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
mohitsingh558521
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
Hervé Boutemy
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
Rizwan Syed
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
MounikaPolabathina
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
Slibray Presentation
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
BookNet Canada
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
LoriGlavin3
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
ScyllaDB
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
Mattias Andersson
Último
(20)
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
Social media and security essentials.pptx
1.
Social Media &
Security Essentials January 31, 2011 Troy DuMoulin AVP Strategic Solutions Pink Elephant Pink Elephant – Leading The Way In IT Management Best Practices
2.
Welcome & Agenda
Agenda The Impact & Growth of Social Media The key risks of Web 2.0 and Social Media Recent Example Case Studies for Facebook and Twitter Social Media as an IT Service Establishing Social Media Policies Looking at 2011 Next Steps Objective: Practical guidance about how to effectively manage social networking security risks © Pink Elephant, 2011. All Rights Reserved. Social Media & Security Essentials ITIL® is a Registered Trade Mark of the Office of Government Commerce in the United Kingdom and other countries. 2
3.
The Flood Of
Social Media NOW Adoption has surged to staggering heights. While Facebook has over 500 million users (July 2010), MySpace has nearly 70 million in the U.S. (June 2010) and LinkedIn has around 75 million worldwide (August 2010). As for Twitter, 105,779,710 registered users (April 2010) account for approximately 750 tweets each second Facebook platform houses over 550,000 active applications and is integrated with more than one million websites Burson-Marsteller study showed that, “of the Fortune Global 100 companies, 65% have active Twitter accounts, 54% have Facebook fan pages, 50% have YouTube video channels and 33% have corporate blogs” Securing the Social Network – Websense Whitepaper © Pink Elephant, 2011. All Rights Reserved. Social Media & Security Essentials ITIL® is a Registered Trade Mark of the Office of Government Commerce in the United Kingdom and other countries. 3
4.
Managing vs. Blocking
Social Media Not possible to ban the use of Social Media anymore than it was possible to ban the internet (both have been tried) © Pink Elephant, 2011. All Rights Reserved. Social Media & Security Essentials ITIL® is a Registered Trade Mark of the Office of Government Commerce in the United Kingdom and other countries. 4
5.
Websense Research Highlights
2010 Based on a sample size of 200,000 Facebook and Twitter Entries • Websense Security Labs identified a 111.4% increase in the number of malicious websites from 2009 to 2010 • 79.9% of websites with malicious code were legitimate sites that have been compromised— an increase of 3% from the last previous period • Searching for breaking trends and current news represented a higher risk (22.4%) than searching for objectionable content (21.8%) • 52% of data stealing attacks occurred over the Web Every hour Websense scans more than 40 million websites for malicious code and nearly 10 million emails for unwanted content and malicious code. Using more than 50 million real-time data collecting systems, it monitors and classifies Web, email, and data content. www.websense.com 2010 Threat Report – Websense © Pink Elephant, 2011. All Rights Reserved. Social Media & Security Essentials ITIL® is a Registered Trade Mark of the Office of Government Commerce in the United Kingdom and other countries. 5
6.
Websense Research Highlights
2010 Based on a sample size of 200,000 Facebook and Twitter Entries 40% of all Facebook status updates have links and 10% of those links are either spam or malicious. 2010 Threat Report – Websense © Pink Elephant, 2011. All Rights Reserved. Social Media & Security Essentials ITIL® is a Registered Trade Mark of the Office of Government Commerce in the United Kingdom and other countries. 6
7.
CISCO Annual Security
Report Consider social media. Its impact on computer security cannot be overstated, It is common for workers to blend business and personal communications on these social networks, further blurring the network perimeter The high levels of trust that users place in social networks – that is, users’ willingness to respond to information appearing within these networks – has provided ample opportunity for new and more effective scams. Instead of searching out technical vulnerabilities to exploit, criminals merely need a good lure to hook new victims No longer does business take place solely behind network walls. The critical work of an organization is happening increasingly on social networks, on handheld devices, on Internet kiosks at airports, and at local cafes Social Media “Were The Problem” Social media users believe there is protection in being part of a community of people they know. Criminals are happy to prove this notion wrong © Pink Elephant, 2011. All Rights Reserved. Social Media & Security Essentials ITIL® is a Registered Trade Mark of the Office of Government Commerce in the United Kingdom and other countries. 7
8.
Social Media Risks
– 1 Threat & Vulnerabilities Risks Lack of control • Automated protection can only block or enable websites and domains. (On or OFF) • Classic Anti Virus software is ineffective against social engineering or phishing attacks • Engaging in Social Media does not require IT involvement or approvals • Lack of a business policy or lack of enforcement of the policy Exposure growing on • Malicious code “is not just coming from the legitimate websites dark corners of the web, “Some 79 percent is coming from legitimate sites” Data loss is often based on • Social networking sites are all about trusted exploiting implicit trust (Trust communities collaboration and data sharing conditioning) • Most malware, scams and phishing attacks are successful since they are based on preying upon trusted relationships © Pink Elephant, 2011. All Rights Reserved. Social Media & Security Essentials ITIL® is a Registered Trade Mark of the Office of Government Commerce in the United Kingdom and other countries. 8
9.
Social Media Risks
– 2 Threats & Vulnerabilities Risks Customer or Employee exposure • Loss or exposure of customer information leading to liability or loss of trust • Reputational damage • Targeted marketing to your customers • Targeted head hunting of your employees Unclear or loss of content • Enterprise’s loss of control/legal rights of rights for information posted to information posted to the social media social media sites sites • Privacy violations Mis-directed surfing on • Shortened URL Spoofing legitimate sites • Identity theft • Search Engine Optimization (SEO) poisoning • Cross site scripting attacks • Trojan & Botnet proliferation © Pink Elephant, 2011. All Rights Reserved. Social Media & Security Essentials ITIL® is a Registered Trade Mark of the Office of Government Commerce in the United Kingdom and other countries. 9
10.
Early Adoption –
Risk & Reward Look for prior Success Interested in cost & cost control Embrace New Technology Luddites Social Media Innovators Early Early Late Laggards 2.5 % Adopters Majority Majority 16 % 13.5 % 34 % 34 % Companies are driven by growth. Growth often comes from innovation. Many companies get a leg on competition by being willing to take a managed risk. © Pink Elephant, 2011. All Rights Reserved. Social Media & Security Essentials ITIL® is a Registered Trade Mark of the Office of Government Commerce in the United Kingdom and other countries. 13
11.
Recent Social Media
Attacks CASE STUDY EXAMPLES © Pink Elephant, 2011. All Rights Reserved. Social Media & Security Essentials ITIL® is a Registered Trade Mark of the Office of Government Commerce in the United Kingdom and other countries.
12.
URL Shortening –
Boon & Risk Warning! | There might be a problem with the requested link 10-12-28 7:10 PM STOP - there might be a problem with the requested link The link you requested has been identified by bit.ly as being potentially problematic. We have detected a link that has been shortened more than once, and that may be a problem because: Some URL-shorteners re-use their links, so bit.ly can't guarantee the validity of this link. Some URL-shorteners allow their links to be edited, so bit.ly can't tell where this link will lead you. Spam and malware is very often propagated by exploiting these loopholes, neither of which bit.ly allows for. The link you requested may contain inappropriate content, or even spam or malicious code that could be downloaded to your computer without your consent, or may be a forgery or imitation of another website, designed to trick users into sharing personal or financial information. Bit.ly suggests that you Change the original link, and re-shorten with bit.ly Close your browser window Notify the sender of the URL Or, continue at your own risk to http://su.pr/4SzLwj You can learn more about harmful content at www.StopBadware.org You can find out more about phishing from www.antiphishing.org For more information about our policy please contact support%2Bspam@bit.ly Read more about bit.ly's spam and antiphishing partners here Publish with bit.ly and protect your links Security vendor McAfee Inc. is warning of a rising security risk in 2011 in the 3,000 shortened URLs generated per minute for use on social media sites such as Twitter. http://bit.ly/a/warning?url=http%3a%2f%2fsu%2epr%2f4SzLwj&hash=huUyr5 © Pink Elephant, 2011. All Rights Reserved. Page 1 of 1 Social Media & Security Essentials ITIL® is a Registered Trade Mark of the Office of Government Commerce in the United Kingdom and other countries. 12
13.
Short URL Checkers
Short URL Checker - RESULTS 10-12-28 7:12 PM Short URL Checker Results Home > Tinyurl Checker URL as entered: http://su.pr/4SzLwj http://www.good.is/post/12-year-old-girl-runs-make-shift-school-for- village-children/ Enter Another URL or read more information about this link: Safe Browsing Information About This Site Safe Browsing information for this link (source: Google.com) WHOIS Whois Information (source: Domaintools.com) Blog Search Blogs (source: Google Blog Search) Social Media Analysis Social Internet Search (source: SocialMention) Brought to you by: http://pcistools.com/tinyurlchecker.php © Pink Elephant, 2011. All Rights Reserved. Social Media & Security Essentials ITIL® is a Registered Trade Mark of the Office of Government Commerce in the United Kingdom and other countries. 13 http://www.pcistools.com/process_tURL.php Page 1 of 2
14.
Facebook Email Scam
© Pink Elephant, 2011. All Rights Reserved. Social Media & Security Essentials ITIL® is a Registered Trade Mark of the Office of Government Commerce in the United Kingdom and other countries. 14
15.
Awkward (haha) Video
Facebook Scam Exposed URL’s not Always hidden Click-Jacking Rapid spread of Malware SPAM © Pink Elephant, 2011. All Rights Reserved. Social Media & Security Essentials ITIL® is a Registered Trade Mark of the Office of Government Commerce in the United Kingdom and other countries. 15
16.
Instant Messenger Attacks
www.securelist.com/en/blog © Pink Elephant, 2011. All Rights Reserved. Social Media & Security Essentials ITIL® is a Registered Trade Mark of the Office of Government Commerce in the United Kingdom and other countries. 16
17.
Password
There are two “free toolbars” circulating around the web that pretend to enable users to cheat at Zynga games on Facebook, but actually attempt to steal Facebook login credentials. The Facebook Toolbar Phishing false toolbars were spotted by Sunbelt researchers and should be avoided at all cost. See below for more details. The images below were provided courtesy of Help Net Security and detail the method of operation of the deceitful toolbars. At first glance, the toolbars look legitimate and appear at the top of your browser, along with a legitimate Facebook logo. The buttons have features that allow for cheating on “Zynga Games” along with other links as well. The problem is, when users click on the “Facebook” logo in the top left corner of the bar (they layout sometimes changes), they are taken to a false Facebook page that asks you to login but actually steals your credentials instead! www.securelist.com/en/blog © Pink Elephant, 2011. All Rights Reserved. Social Media & Security Essentials ITIL® is a Registered Trade Mark of the Office of Government Commerce in the United Kingdom and other countries. 17
18.
Facebook Survey Scams
Nakedsecurity.sophos.com/category/social-networks © Pink Elephant, 2011. All Rights Reserved. Social Media & Security Essentials ITIL® is a Registered Trade Mark of the Office of Government Commerce in the United Kingdom and other countries. 18
19.
Malware Infection Example
Nakedsecurity.sophos.com/category/social-networks © Pink Elephant, 2011. All Rights Reserved. Social Media & Security Essentials ITIL® is a Registered Trade Mark of the Office of Government Commerce in the United Kingdom and other countries. 19
20.
Leveraging Twitter Trends
www.securelist.com/en/blog © Pink Elephant, 2011. All Rights Reserved. Social Media & Security Essentials ITIL® is a Registered Trade Mark of the Office of Government Commerce in the United Kingdom and other countries. 20
21.
Fake Adobe Attack
From Twitter www.securelist.com/en/blog © Pink Elephant, 2011. All Rights Reserved. Social Media & Security Essentials ITIL® is a Registered Trade Mark of the Office of Government Commerce in the United Kingdom and other countries. 21
22.
Using Frameworks To
Manage Social Media Strategy SERVICE LIFECYCLE & RISK MANAGEMENT © Pink Elephant, 2011. All Rights Reserved. Social Media & Security Essentials ITIL® is a Registered Trade Mark of the Office of Government Commerce in the United Kingdom and other countries. 22
23.
Service Management &
Social Media? In this world there are four kinds of people: Those who make things happen Those who watch things happen Those who have things happen to them Those who wonder what happened "In its simplest terms, there is anarchy in the absence of social media policy and training," says John Pironti, ISACA board member and president of IP Architects, LLC. © Pink Elephant, 2011. All Rights Reserved. Social Media & Security Essentials ITIL® is a Registered Trade Mark of the Office of Government Commerce in the United Kingdom and other countries. 23
24.
IT Service Lifecycle
& Social Media Manage Business Requirement • Business Engagement • Social Media Strategy Manage • Business Risk Assessment Plan • Service Analysis • Estimate business and technical resources • Customer Value Realization Assessment • Define Governance & Monitoring • Continual Service Improvement • Establish Social Media Measures • Establish Risk Mitigation plan • Establish financial budgets and funding Report Source /build • Summary, drill down, analysis • Insource / Outsource • KPIs • Choose Social Media platforms • Communication strategy • Training strategy Cost / Recovery Provision • Track Planned vs Actual cost • Build / Publish Services • Accounts Payable • Define change approval process Deliver/ • Service Testing Operate • Transition to production • Content Development • Content Management Plan / Build • Incident Management Operate • Security Management • Change Management © Pink Elephant, 2011. All Rights Reserved. Social Media & Security Essentials ITIL® is a Registered Trade Mark of the Office of Government Commerce in the United Kingdom and other countries. 24
25.
Service Management Integration
SERVICE STRATEGY SERVICE DESIGN • Service Strategy • Service Catalog Management • Financial Management • Service Level Management • Service Portfolio Management • Capacity Management • Demand Management • Availability Management • IT Service Continuity Management • Information Security Management • Supplier Management © Crown copyright 2007 Reproduced under license from OGC Figure 1.2 Service Strategy 1.2.3 SERVICE OPERATION SERVICE TRANSITION • Event Management • Transition Planning & Support • Incident Management • Change Management • Request Fulfillment • Service Asset & Configuration • Problem Management Management • Access Management • Release & Deployment Management Functions • Service Validation & Testing • Service Desk • Evaluation • Technical Management CONTINUAL SERVICE IMPROVEMENT • Knowledge Management • IT Operations Management • Seven Step Improvement • Application Management • Service Measurement • Service Reporting © Pink Elephant, 2011. All Rights Reserved. Social Media & Security Essentials ITIL® is a Registered Trade Mark of the Office of Government Commerce in the United Kingdom and other countries.
26.
A Risk Management
Effort Includes: Identifying risks related to social media use Assessing these risks to ascertain the probability of these risks occurring and the potential impact to the business if they do occur Planning a mitigation strategy to deal with the higher impact, higher priority risks Managing & Monitoring the risks through communication and the implementation of risk mitigation and avoidance strategies © Pink Elephant, 2011. All Rights Reserved. Social Media & Security Essentials ITIL® is a Registered Trade Mark of the Office of Government Commerce in the United Kingdom and other countries. 26
27.
Establishing A Social
Media Strategy When creating a social media strategy, some questions to consider are: What are the strategic benefits/goals for leveraging Social Media? Are all appropriate stakeholders involved in social media strategy development? What platforms will be used when, by whom and for what objectives? What are the risks and how will they be mitigated? What policies need to be established? What are the new legal issues associated with the use of social media? How will customer privacy issues be addressed? How can positive brand recognition be ensured? How will awareness training be communicated to employees and customers? How will inquiries and concerns from customers be handled? Does the enterprise have the resources to support such an initiative? Source: ISACA Social Media Business Benefits & Security, Governance and Assurance Perspectives © Pink Elephant, 2011. All Rights Reserved. Social Media & Security Essentials ITIL® is a Registered Trade Mark of the Office of Government Commerce in the United Kingdom and other countries. 27
28.
Establishing Policies
EXAMPLE SOCIAL MEDIA POLICES © Pink Elephant, 2011. All Rights Reserved. Social Media & Security Essentials ITIL® is a Registered Trade Mark of the Office of Government Commerce in the United Kingdom and other countries. 28
29.
Social Media Policy
Categories Personal use in the workplace: Whether it is allowed The nondisclosure/posting of business-related content The discussion of workplace-related topics Inappropriate sites, content or conversations Personal use outside the workplace: The nondisclosure/posting of business-related content Standard disclaimers if identifying the employer The dangers of posting too much personal information Business use: Whether it is allowed The process to gain approval for use The scope of topics or information permitted to flow through this channel Disallowed activities (installation of applications, playing games, etc.) The escalation process for customer issues Source: ISACA Social Media Business Benefits & Security, Governance and Assurance Perspectives © Pink Elephant, 2011. All Rights Reserved. Social Media & Security Essentials ITIL® is a Registered Trade Mark of the Office of Government Commerce in the United Kingdom and other countries. 29
30.
Example General Guidelines
Be respectful to the company, other employees, customers, partners, and competitors Social media activities should not interfere with other work commitments or impact productivity Your online presence reflects the company. Be aware that your actions captured via images, posts, or comments can reflect that of our company Do not reference or site company clients, partners, or customers without their express consent. In all cases, do not publish any information regarding a client during the engagement Company logos and trademarks may not be used without written consent © Pink Elephant, 2011. All Rights Reserved. Social Media & Security Essentials ITIL® is a Registered Trade Mark of the Office of Government Commerce in the United Kingdom and other countries.
31.
Policy Statement Examples
Personal blogs should have clear disclaimers that the views expressed by the author in the blog is the author’s alone and do not represent the views of the company Information published on social networking sites should comply with the company’s confidentiality and disclosure of proprietary data policies. This also applies to comments posted on other blogs, forums, and social networking sites Watching videos or reading blogs are invaluable sources of inspiration and information. Please refrain from reading personal or non-industry blogs during company time Please refrain from personal online shopping during company time © Pink Elephant, 2011. All Rights Reserved. Social Media & Security Essentials ITIL® is a Registered Trade Mark of the Office of Government Commerce in the United Kingdom and other countries.
32.
Resources & Policies
Examples Harvard Law Blogging Policy http://blogs.law.harvard.edu/terms-of-use/ Oracle Social Media Participation Policy http://www.sun.com/communities/guidelines.jsp IBM Social Computing Guidelines http://www.ibm.com/blogs/zz/en/guidelines.html 30 Tips to Manage Employees Online http://ariwriter.com/30-tips-to-manage-employees-online/ Baker and Daniels Law http://www.bakerdstreamingvid.com/publications/ Baker_Daniels_Social-Media-Policy.pdf © Pink Elephant, 2011. All Rights Reserved. Social Media & Security Essentials ITIL® is a Registered Trade Mark of the Office of Government Commerce in the United Kingdom and other countries. 32
33.
Looking Forward –
Discussion McAfee Labs Predicts December 28, Emerging Threats in 2011 Exploiting Social Media: URL-shortening services Exploiting Social Media: Geolocation services Mobile: Usage is rising in the workplace, and so will attacks Apple: No longer flying under the radar Applications: Privacy leaks—from your TV Hacktivism: Following the WikiLeaks path Advanced Persistent Threat: Cyberespoinage Your Thoughts ??? www.mcafee.com © Pink Elephant, 2011. All Rights Reserved. Social Media & Security Essentials ITIL® is a Registered Trade Mark of the Office of Government Commerce in the United Kingdom and other countries. 33
34.
Next Steps When
You Go Back Within 30 days: Conduct an assessment of corporate and personal Social Media use Within 60 days: Conduct risk assessment for Social Media Established policies that addresses social media use covering both business and personal use Conduct policy training for all users Within 90 days: Define service strategy for Social Media Service Design (functional and non functional requirements) Define Transition plans Define operational processes and resources Define Management and CSI activities and measures © Pink Elephant, 2011. All Rights Reserved. Social Media & Security Essentials ITIL® is a Registered Trade Mark of the Office of Government Commerce in the United Kingdom and other countries. 34
35.
References
Securing Social Network – Websense Social Media: Business Benefits and Security – ISACA CISCO Annual Report on Security 2009 Social Networking & Security – Infosec.co.uk 2010 Threat Report – Websense © Pink Elephant, 2011. All Rights Reserved. Social Media & Security Essentials ITIL® is a Registered Trade Mark of the Office of Government Commerce in the United Kingdom and other countries. 35
36.
Questions?
Troy DuMoulin t.dumoulin@pinkelephant.com http://blogs.pinkelephant.com/troy http://twitter.com/TroyDuMoulin Thank You PINK ELEPHANT www.pinkelephant.com © Pink Elephant, 2011. All Rights Reserved. Social Media & Security Essentials ITIL® is a Registered Trade Mark of the Office of Government Commerce in the United Kingdom and other countries. 36
Descargar ahora