A clear and present danger

While some security professionals will try to control access to such sites, Symantec’s Donovan believes they’ve got no place in the business environment. “There’s just far too much risk,” he said. “It’s not vulnerabilities and malicious code that could be hosted by the site, or even the time-wasting aspect, it’s that people populate them with information they really shouldn’t be putting there. Facebook is a really good example, it’s a nefarious weed-like system that encourages people to put in more and more information and makes that information available to more and more people.

“You start off with; date of birth, name, address, mobile phone number, then you say where you’re going on your holidays then you put pictures in of your holiday and before long through the extended friends link, someone you don’t know has access to all that information and knows where you’re going away on holidays. It’s not that hard to work out where you live. They have your date of birth and your email address, which is more than enough for them to start off some sort of social engineering which then leads to more information and then you’ve got issues with identity theft. And it’s not only business, it should be individuals as well should be thinking twice about the information they put into it.”

Nevertheless, despite the concerns of people such as Donovan, there are opportunities for organisations to be had when dealing with sites such as Facebook, so social networking sites are unlikely to be going away anytime soon and resellers and SIs are most likely going to have to learn to help their customers deal with the issues. For example, Salesforce.com currently has a tool that allows users to import data from Facebook into Saleforce.com and this feature could be used to generate mailing lists and also to cross-tabulate existing data.

As a result, IBRS’s Turner said a lot of Australian organisations are taking one of two paths. “The first is that they’re not doing anything, they’re steering away from it all together to put off having to make a decision about that and you can’t blame them because it is a minefield potentially. The second path [organisations are taking] is proceeding with caution but it’s hard to do, not swimming, not in the boat. And a lot of these initiatives require a lot of commitment before they’ll actually deliver results and a lot of vendors in the market are pushing Web 2.0 initiatives around business and a lot of businesses are saying, ‘yes it sounds wonderful but how do I make money from it?’”

By Darren Baguley

a and clear collaboration danger networking present