Some Facts
• Technology changed the way people communicate
• “Usage of social networks by the Fortune 500 companies has seen an explosive growth in 2010 with 83% of the companies using at least one of the social media sites”
• The usage of blogs has also increased by 50% (corporate blogs)
• Around 34% have developed policies to govern blogging by their employees (Source: socialtimes.com)
Definition?
“Social network sites are defined as web-based services that allow individuals or organizations to construct a public or semi-public profile within a bounded system, articulate a list of other users with whom they share a connection, and view and traverse their list of connections and those made by others within the system.”
Common Usages
• Communication about company & brands (marketing)
• Live support
• Technology & competition follow-up
• Human Resources
Marketing
• Social networks give the sense of a “dynamic” company
• Direct reach / close to customers
• Extended circle of contacts at low cost
• Personal touch
Live Support
• Close contact with customers
• Low cost
• Gives a sense of “real time”
Follow Up
• What are my competitors doing?
• What’s new in my field of activity?
• Almost real-time news trending
Human Resources
• “Hire” & “Fire”
• Online recruiting
• Employee screening
And you as an individual?
• Split your personal and professional activities
• Use a disclaimer: “My Tweets reflect my personal opinion”
Barbara Streisand
The “Streisand Effect” is a primarily online phenomenon in which an attempt to hide or remove a piece of information has the unintended consequence of publicizing the information more widely.
The Belgian Jeweler
In 2009, a Belgian jeweler caused a buzz among Belgian Twitter users through a complete misunderstanding of the impact of social networks.
Domino’s Pizza
A Domino’s Pizza employee put nasal mucus on pizzas. He was fired, but the video was posted on YouTube. 250.000+ views!
Koobface
• Multi-platform worm that targeted Facebook users
• First reported in 2009
• Botnet, DNS filter, Proxy feature
Malware & Viruses
• Corporate devices are used to access social networks
• Social networks are built on web technologies, so all known web attacks apply (see the OWASP Top 10)
• URL shorteners / QR codes (the “click” generation)
Wasted Resources
• In big companies, social network usage can waste a lot of bandwidth! Example: Facebook on a network of 10000+ users: 200GB/day
• Time wasted by employees
• Wasted resources peak during popular events
“Users”
• Users remain the weakest link
• Facebook password same as Active Directory password?
• Attackers use breaking news
• How many “friends” are really friends?
Mobiles & Apps
• People use mobile devices to access social networks
• Suspicious browser extensions or 3rd-party apps
Data Leak
• People might post confidential information
• Intentional or not!
• Data extrusion
• Bypass regular communication channels (Skype)
Social Engineering
• All the information needed to conduct a social engineering attack is already online
• Google is your best friend
• Tools like Maltego are gold mines
Degraded Brand Image
• It takes years to build a brand image
• It takes minutes to kill it!
Data Resilience
• Once posted, it’s indexed!
• Is removed data really deleted?
Reputation & Legal Liability
• Disgruntled employees
• “My boss is a bastard!”
• “I’m pissed off by this f*cking job...”
• Employers could be held responsible for failing to protect employees from accessing “sensitive” material.