• Save
Social Media Security Risk Slide Share Version
Upcoming SlideShare
Loading in...5

Social Media Security Risk Slide Share Version



Social Media Security Risk

Social Media Security Risk



Total Views
Slideshare-icon Views on SlideShare
Embed Views



2 Embeds 18

http://www.linkedin.com 9
https://www.linkedin.com 9



Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment

    Social Media Security Risk Slide Share Version Social Media Security Risk Slide Share Version Presentation Transcript

    • Social Media Security:How Social Media May Leave You VulnerableTimothy YoungbloodDell, Compliance and Information Security Officer
    • Social media platforms have entered the enterprise 24hrs of Video per300 Million Users 75 Million Accts Min 3% Growth Per 6 Million Unique 3 Million Auto Week Visitors Connects 30 Billion Page 65 Million Tweets 2 Billion Views Per Views Per Day Per Day Day Public Sector / Private Sector Business Partners/Customers/End Users 2
    • Security managers have to apply rules to these open platforms 3
    • You have new risk that needs to be managed Malware Reputation Data Leakage 4
    • Integrated Social Media security strategy to address key risk Social Media Remote Access Outsourcer Compliance 5
    • Identify your risk, assess technology and policy /control mitigations Policy Technology Risk 6
    • Social Media exposes a new threat vector in the enterprise 7
    • Every platform has a weakness • Too Much Info (TMI) • Phishing • Password Sloth • Account Hi-Jacking 8
    • Facebook/MySpace/ect.. 9
    • Twitter 10
    • YouTube 11
    • Social Media in the headlinesTwitter virus amongshortest on record ….Mark ZuckerbergsFacebook Page Hacked ….YouTube Hack HitsBieber Fans…. 12
    • Femee Fatale 13
    • Credential Phishing 14
    • Taxonomy of Exposure Service Disclosed Entrusted Data Data DataIncidental Behavioral Derived Data Data Data 15
    • Service Data, Disclosed Data 16
    • Entrusted Data, Incidental Data 17
    • Behavioral Data, Derived Data 18
    • Technology counter measures exist to address the threats 19
    • Responding to Social Media Threats Policy People Threats Process Technology 20
    • Federal Guidelines Guidelines for Secure Use of Social Media by Federal Departments and Agencies  Training  Network Controls  Host Controls  Policy Controlswww.cio.gov/library/ 21
    • Secure Alternatives 22
    • Brand Protection Firm 23
    • Defense in Depth with Social Media in mind 24
    • Network/Client Security Hardened ACL’s Host Security Agent IPS Lockdown Policy Firewall Drive Encryption Perimeter Perimeter 25
    • Threat & Vulnerability Mgt Logging & Alerting 26
    • Securing the Mobile Workforce 27
    • Specialized Solutions 28
    • Social Mention 29
    • Websense Advanced Classification Engine (ACE)• Real-time security classification• Real-time content classification• Websense PreciseID™ technology data identification• Reputation services• URL filtering 30
    • Governance must be integrated into your strategy 31
    • Policies Protect the OrganizationOver SharingInformation(Intellectual Property)Mixing Business withPersonal info(Tweet/Facebook/MySpace/ect..) RageConnection indulgenceClick HappinessPassword Sloth 32
    • IAN Study10% 34%2008 2009 33
    • Guidelines• Protect information• Be transparent and disclose• associations• Follow the law, follow the Code• Be responsible• Be nice, have fun and connect 34
    • Controls ensure policies are followed • Change Implementation • Information Security • Program Development • Disaster Recovery • Contracting • Facilities • IT Governance • IT Operations 35
    • CoBIT 36
    • Risk IT 37
    • ISACA – Social Media PresenceStrategy and • Has a risk assessment been conducted to map risks to the enterprise present by use of social media?Governance • Has effective training been conducted for all users, and People do users receive regular awareness communications regarding policies and risks? • Have business processes that utilize social media been Process reviewed to ensure that they are aligned with policies and standards of the enterprise? • Does IT have a strategy and the supporting capabilitiesTechnology to manage technical risks presented by social media? 38
    • Relationships with key stakeholders 39
    • Inclusive of a Team Team Members 1. IT 2. Marketing/Sales 3. Legal 4. External / Internal Audit 5. Compliance 6. Privacy 7. Ethics
    • Key Topics 41
    • Social Media Security StrategyRisk TechnologySocial MediaPlatforms Defined? Policy How do currentHow are the solutions address Are employeesplatforms utilized? the threats? trained on how toWho is currently Are there supporting use Social Media?utilizing them? technologies to Are there supporting address risk? controls and policies? 42