Social (Network) Security
Posted by Petrice Gaskin at May. 28, 2008
The EU is considering subjecting social networks to regulation. According to Ars Technica the European Network and Information Security Agency (ENISA) has released a preliminary draft of a report on online security. They found that “some of the main threats identified . . . through social networks involve digital dossiers, face recognition, and social engineering attacks on enterprises� as well as phishing, reputation damage, ID theft, stalking and cyberbullying.
The report also recommends some strategies to combat security flaws, such as calling for “regulatory review of social networking frameworks, increased transparency of data handling practices, more education for users on security, and discouraging (or banning outright) the use of social networks in school.� While the other suggestions are sound and reasonable, discouraging or banning social networks in schools is short-sighted. Social networks can be a powerful and effective tool for schools, by allowing educators to connect with students (as well as allowing students to connect with other students).
Although the full version of the report hasn’t been released, the preliminary draft draws attention to an issue that social networks will increasingly have to grapple with: how to ensure users are able to maintain their privacy and security. As social networks evolve and continue to branch out into niche markets, some of which will focus on storing and sharing personal data, these questions become more and more pertinent. This past March, a security breach allowed Byron Ng to access Paris Hilton’s private photos on her Facebook account, and just as recently the web community has started discussing how FB users could find themselves the victims of security breaches through FB apps, that don’t have high security standards.
It will be interesting to see how U.S. companies react to the EU’s report once it’s fully released, and the type of security dialogue that will emerge.
The report also recommends some strategies to combat security flaws, such as calling for “regulatory review of social networking frameworks, increased transparency of data handling practices, more education for users on security, and discouraging (or banning outright) the use of social networks in school.� While the other suggestions are sound and reasonable, discouraging or banning social networks in schools is short-sighted. Social networks can be a powerful and effective tool for schools, by allowing educators to connect with students (as well as allowing students to connect with other students).
Although the full version of the report hasn’t been released, the preliminary draft draws attention to an issue that social networks will increasingly have to grapple with: how to ensure users are able to maintain their privacy and security. As social networks evolve and continue to branch out into niche markets, some of which will focus on storing and sharing personal data, these questions become more and more pertinent. This past March, a security breach allowed Byron Ng to access Paris Hilton’s private photos on her Facebook account, and just as recently the web community has started discussing how FB users could find themselves the victims of security breaches through FB apps, that don’t have high security standards.
It will be interesting to see how U.S. companies react to the EU’s report once it’s fully released, and the type of security dialogue that will emerge.