Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Security Awareness & Social Networking Services

From: "Tim M. Crawford" <tcrawford () GSB STANFORD EDU>
Date: Mon, 22 Oct 2007 10:41:51 -0700
Folks,
October is National Cyber Security Awareness Month!  It¹s a time to
consider what additional information and guidance would help make
students, campus administrators, faculty, and staff less vulnerable to
security threats and to take steps to deliver that advice. Thinking
beyond obvious threats and obvious target groups is key. A case in pointŠ

Students are the common target audience of institutional advice on
security and privacy risks associated with online social networking
services. It would be a mistake, however, to omit such advice from
security awareness programs aimed at faculty and staff.  The popular
LinkedIn social networking service markets itself to experienced
professionals and claims to have more than 15 million such members, with
23 new ones joining every minute.  Facebook, Myspace, Digg, Orkut and
other services similarly attract those beyond college age.

One might easily assume that mature adults would be more cautious about
the type of information they share on these networks. Many, however,
don¹t take the time to learn about profile settings they could enable to
limit access to their information. Also, it¹s too easy to forget that
while friendships (especially online ones) can wax and wane, what¹s
posted on the web, stays on the web.  By their very nature online social
networks create a sense of community and camaraderie that make
self-discipline hard to maintain when sharing opinions, photos, and
other private information.

Personal reputations of faculty and staff, and by extension the
reputations of institutions that employ them, are at stake. Personal
safety is also a concern. Creating awareness among these individuals
encourages them to balance the risks against the benefits of using
social networking sites. Incorporating this topic into an institution¹s
overall security awareness program is a natural fit.

Further information on social networking is available on the EDUCAUSE
website at http://connect.educause.edu/term_view/social+networking and
security awareness program resources are available at
http://www.educause.edu/ResourceKitforNationalCyberSecurityAwarenessMonth/74
79.
Additionally, the 2007 student video contest winners cited below address
social networking and can be a resource to campuses:

TMI:  Too Much Information
http://www.researchchannel.org/securityvideo2007/displayevent.aspx?rid=11006

Web of Risks
http://www.researchchannel.org/securityvideo2007/displayevent.aspx?rid=10990

Identity Theft for Criminals
http://www.researchchannel.org/securityvideo2007/displayevent.aspx?rid=11088

Regards,

Tim
______________________________________________________
Tim M. Crawford | Director, IT Operations
Stanford Graduate School of Business
(o) 650.724.2447 | tcrawford () stanford edu
(c) 650.804.1300 | Yahoo IM: timmcrawford
Previous By Date Next
Previous By Thread Next

Current thread: