Print
Discuss
Send to friend
RSS feedsSocial networking giant Facebook has defended its security and privacy controls in the face of criticism from industry experts, at this year's Infosecurity Europe show in London.
In a keynote at the event, Martyn Croft, head of corporate systems at the Salvation Army, argued that the concerns over corporate use of social networking sites, including lost productivity and malware infection, are "very real".
"It's a social engineering gold mine – a haven for finding out valuable information and it's an easy distribution platform for malware," he added. "For us, brand value is paramount and if we lose it we lose revenue very quickly."
But Max Kelly, chief security officer at Facebook, argued that the firm has gradually improved its security controls over time, to the point where users can now have control over who views any part of their profile on the site. "It is an educational challenge though," he admitted. "Users have top create a privacy model for themselves and that has been an ongoing challenge."
Kelly added that the firm has built up a "strong security team" to deal with issues at the network and application layers, and to investigate potential phishing and spamming attacks using data harvested from users of the site.
"It was in about January time that we became noticed by threatening elements who began to come after us," he said.
Jeremiah Grossman, chief technology officer at web app security firm WhiteHat Security, argued that social networking sites are prime targets for malicious Java script to be uploaded onto them. "It's an easy and effective way to effect the enterprise and because it's all purpose built, it's difficult to protect against; we need a whole new set of solutions," he said.
He suggested that Facebook is reluctant to restrict security too much on the site because it will affect its business model. "It will take risks with security because [ultimately] it's the users getting hacked not Facebook.
See also:
Forrester Research predicts customer-facing web 2.0 technologies will rocket in next five years 21 Apr 2008
BEA announces a Web 2.0 knowledge management portal for enterprise users 17 Apr 2008
Firms shouldn’t assume that tech-savvy kids will grow up used to using Windows 19 Mar 2008
AbilityNet report finds fault with top sites 24 Jan 2008
Salesforce is launching a new service aimed at letting firms network better 04 Dec 2007All Hacking
del.icio.us
Digg this
reddit!
