Safer Internet Day - The role of Security within Social Networks
Amichai Shulman - CTO and co-founder of Imperva
In terms of social networks, it is security which we need to be wary of. Security controls the way in which people use the information of others. It is a way to ensure that people cannot invoke functionality on behalf of other users, and that delinquents cannot use the system to distribute malware. It is a way to make it difficult to hack into someone's account using a brute-force attack. Security enables us to integrate social networking applications into our business environment without affecting the integrity and confidentiality of business data.
In today's social networking platform, security is the threat. Web 2.0 vulnerabilities are quickly translating into massive worm outbreaks. One such example is the notorious Koobface worm, which is still propagating even though researchers have been attempting to contain it for the last few years. Even basic best practices, such as the use of SSL for authentication purposes, are not closely followed.
Nevertheless, we are starting to feel the winds of change. Recently, Facebook made changes to account security to reduce account hijacking incidents. Just a few weeks ago a new authorization scheme was put in place that requires one to identify their friends in case of an alleged account take-over. As social networks attempt to increase their user base, penetrate the business environment, and roll out new services (such as Facebook's new webmail), we should expect social platforms to invest more resources in improving the security posture of the platform. These measures will provide improved protection against application layer attacks, stronger authentication and account control features, and better malware detection systems.