The Security Risks of Social Networks

Updated: March 18, 2010

Internet social networks are great places to meet and network with people sharing similar business interests. But MySpace, Second Life and similar Web 2.0 sites can also pose serious security threats to users and their companies.

Many businesses view social networking sites as a kind of online cocktail party -- a friendly, comfortable place where one can establish contacts, find buyers or sellers, and raise a personal or corporate profile. But the cocktail party metaphor isn't entirely accurate. In fact, users would be better served if they thought of social network services in the context of a loud glass house; a place with endless visibility and each occupant talking through a highly amplified bullhorn.

Since most people access social network sites from the comfort and privacy of their home or office, they can be lulled into a false sense of anonymity. Additionally, the lack of physical contact on social network site can lower users' natural defenses, leading individuals into disclosing information they would never think of revealing to a person they just met on a street -- or at a cocktail party.

Staying safe on a social networking service means recognizing these factors, and working knowledgeably within a set of simple guidelines.

Protecting Yourself and Your Business

  • Be Discreet - Never type anything into a profile page, bulletin board, instant message or other type of online electronic form that would expose you to unwanted visitors or the possibility of identity theft or malicious threats. This includes personal and business names and addresses, phone numbers, job titles, birth dates, schedule details, daily routines and business or family information. It's far better to communicate in generalities than to reveal information that unscrupulous individuals may someday use against you.
  • Be Skeptical - Social network sites are full of useful business information, as well as to substantial amounts of useless disinformation. Treat anything you see online -- stock tips, advance news, personnel gossip and so on -- with a high degree of skepticism. Some people will lie in order to boost their own agenda, while others will spout unsubstantiated rubbish out of stupidity or sheer ignorance.
  • Be Thoughtful - Nobody likes a loudmouth, but the Internet has a curious way of releasing personal inhibitions. Never type anything online that can come back to bite you. This includes outrageous claims, slander, obscenity and insults. Be cool and professional, and always think twice before typing.
  • Be Professional - If you're posting a picture or video to a social network site, make sure it presents you in the best possible light. Dress professionally and, above all, don't disrobe or wear a funny hat.
  • Be Wary - People on the Internet are not always who they seem to be. The CEO you're chatting with in Denver may actually be a 14-year-old kid in Milwaukee -- or a prisoner in Romania. Until you can independently verify someone's identity -- using the same business tools that you would turn to to screen a new hire or confirm a prospective business partner -- never, ever reveal personal, business or financial information.
  • Check Privacy Policies - All major social network services have specific privacy guidelines that are published on their Web sites. Take the time to read and understand these documents, since they include the types of information that they will reveal -- or sell -- to other parties (including spammers). If you don't like the terms, don't use the service.

Social network sites are potentially useful business tools, but only if you approach them with an adequate amount of caution and common sense.

Related Categories
Featured Research
  • Securing Enterprise Information Technology

    In the 1980s and 1990s, business applications and data were largely confined within and protected by a Local Area Network (LAN). The 2000s introduced a significant change. Download this white paper now to learn why the shift to the cloud is changing how companies think about and manage their IT infrastructure. more

  • Office365 Adoption eGuide

    Microsoft moved to the cloud in 2014, and, as a result, Office 365 is taking off. Now, Okta customers are connecting to Office 365 in increasing numbers. This eGuide explains why IT departments should plan and deploy solutions around identity and mobility management in concert with their Office 365 roll out to get maximum user adoption. more

  • Okta Directory Integration

    For most companies, Active Directory (AD) or Lightweight Directory Access Protocol (LDAP) play a central role in coordinating identity and access management policies. When on-premise applications are integrated to Active Directory or LDAP, users get the best possible experience. That's why Okta's cloud-based identity and access management service provides a highly useful single integration point. more

  • Top 8 Identity and Access Management Challenges with Your SaaS Applications

    With more and more businesses adopting Software-as-a-Service (SaaS) applications, enterprise IT is fundamentally changing. This whitepaper presents the eight biggest Identity and Access Management (IAM) challenges associated with adopting and deploying cloud and SaaS applications, and discusses best practices for addressing each of them. more

  • Better BYOD with Pulse Secure and MDM Partners

    Learn how Pulse Secure and leading MDM product partners are transforming the way employees and IT benefit from the productivity and flexibility of BYOD — without compromising security or increasing management complexity. more