Facebook the Most Dangerous Social Tool For Businesses 142
wiredmikey writes "According to a recent study Facebook is by far the most popular and most dangerous social media tool among small-to-medium-sized businesses, with 69 percent of respondents reporting that they have active accounts with this site, followed by Twitter, YouTube, and LinkedIn. Facebook is also the top culprit for malware infections and privacy violations, e.g. the leaking of sensitive company information. YouTube took the second spot for malware infection, while Twitter contributed to a significant number of privacy violations. For companies suffering financial losses from employee privacy violations, Facebook was again cited as the most common social media site where these losses occurred, followed by Twitter, YouTube, and LinkedIn."
"Dangerous" is ambiguous (Score:4, Interesting)
Dangerous in what form? I don't get that.
For malware specficially, well I guess that isn't surprising, I have a facebook account and I always see my friends posting links that are clearly spam. I guess some other people see this and click on it (by accident or not) and then they get infected too, and so it spreads.
Youtube? (Score:4, Interesting)
How do you get infected with malware from youtube?
I'm a Mac user - this is news to me (Score:2, Interesting)
Okay, I'm no troll, but this is news to me. How does this happen? You all run antivirus software, and yet somehow actually *visiting* a site can infect you. So how does this work? Can you visit a site wearing a 'condom', or do you know, somehow, that you shouldn't click on something.
No trolling, but as a Mac user I click what I like. How do you know what to click or not click?
Re:The Most Dangerous Tool (Score:4, Interesting)
"The most dangerous tool is the one sitting in the chair."
Back in my auto shop days, we had a term for a certain diagnosis--The Loose Nut Behind the Wheel.
It referred to either the driver/owner being the source of the mechanical problem (such as pulling the parking brake out to hang ones purse on, then merrily driving away), or the driver/owner was simply insane (we had our share, and oddly enough, sanity is not a requirement for a drivers license).
Of course, this was a diagnosis we kept to ourselves. Explaining such a diagnosis to the driver/owner was usually awkward--"Sir, the reason your Ford Escort is never going to go straight again is because you weigh 600lbs. An alignment isn't going to fix anything. You just need to switch to low-octane fuel".
I believe this claim about Facebook's "danger" (Score:5, Interesting)
I've seen people do some really dumb stuff on Facebook that they almost certainly wouldn't do elsewhere.
A few weeks ago, there was a viral (in the true sense of the word) page that got popular really fast - I think it claimed to let you see who'd un-friended you, but I might have that bit wrong. Anyway, after an acquaintance got hit by this, I went to check it out. Basically this page said "here's how you do it - just copy and paste the following into your browser's address bar". This was followed by what was pretty obviously a bunch of hex instructions (likely obfuscated javascript, but maybe vbscript) that apparently downloaded harmful code to the user's computer - and since the code was entered by the user, it didn't raise any red flags (maybe only by IE, maybe by other browsers as well - I didn't take it any further).
I can't imagine anyone in this day and age going to a random website and following these instructions - but on Facebook they were happy to! It was so breathtakingly stupid I had a hard time believing people fell for it; but they obviously did.
Re:People think its ok to use facebook at work? (Score:1, Interesting)
..one that will make your employees work
Making your employees work is about motivating them to do something rather than stopping them from doing something. The unmotivated employee can spend time making ASCII art with notepad, but an employee who is educated to be safe and is demonstrably motivated should be able to relax in any way that is not actually detrimental to the company.
I had a manager approach me for information to try to show that an employee was "spending too much time on the internet" very recently. When I asked if it would be a problem if that same employee was doing three times the work of any co-worker even if their internet browsing was the same, the manager had to admit that it wasn't the internet browsing which was the real problem. That same manager was also very uninterested in having their own internet logs provided for comparison when I offered.
...blaming the people who are in charge of securing there network and work stations.
People who do harm because of lack of education will not stop doing harm until educated.
We do a (provably) good job of protecting our network. We use a perimeter firewall and filtering proxy with a default deny policy and we lock down users to unprivileged accounts, even executive staff (even me; I have a normal account and a domain admin account, but I don't use admin except to escalate priviliges or do administrative tasks when necessary.)
With that as background, I can state with absolute certainty, there is no monkey proof network security.
Posting anonymously because I don't have a modpoint for "-3 completely wrongheaded". Also, though I don't have proof, I do recognize the tone and I'll thank you to please stop talking to my boss. (Humor flag: No real relationship is suspected, I am simply pointing out the reason this particular thought process irritates me.)
Re:The Most Dangerous Tool (Score:2, Interesting)
I prefer the term PICNIC (Problem In Chair Not In Computer) because people recognize the word and it has a comforting "sounds easy" connotation. Also as a bonus, somebody unfortunately inquisitive can be told how it is spelled (like it sounds) and won't immediately find a google term explaining it as they do for PEBCAK, or worse realize that their sticky note is calling them a name (ID 10t) and complain to the boss or HR.
This is handy when noting help desk tickets because other savy IT staff will recognize the reference if called on for a repetition of the same error, even if the notes don't dare describe the real problem. Example: User could not find Excel file after saving from email, browsing from inside Open dialog in Excel. Demonstrated saving with extension as defaulted rather than renaming without an extension. Should be a picnic to resolve from now on.