This is the 4th episode of the Social Media Security Podcast recorded November 6, 2009. This episode was hosted by Scott Wright, Tom Eston and Kevin Johnson. Below are the show notes, links to articles and news mentioned in the podcast:
- More scams on Twitter including the recent IQ quiz attack. Disinformation on social networks…someone died example..are you sure they are really dead?
- Tom talks about his Open Source Intelligence Gathering talk that he recently gave. How do you find information posted about your company on social networks and why should you look? Now is probably a good time for your company to create a social media strategy and then develop a Internet postings policy around this strategy.
- Cisco has a great Internet posting policy to reference when created one for your company.
- Scott talks about creating a postings policy for your company. Here is a link to the Forrester book titled “Groundswell” that talks about creating a social media strategy.
- Kevin talks about Google Wave. What is it and why would we want to use this? What are some of the security issues with Google Wave? Check out the great research that theharmonyguy has been doing on Google Wave.
- Developers! Please start coding securely from the beginning of the project! ktksbai.
- Be sure to follow us on Twitter to stay up-to-date on all the latest news in the world of social media security!
Please send any show feedback to feedback [aT] socialmediasecurity.com or comment below. You can also call our voice mail box at 1-613-693-0997 if you have a question for our Q&A section on the next episode. You can also subscribe to the podcast now in iTunes! Thanks for listening!
Just a note about the book reference above – Groundswell. I read it last year, and it had some very good ideas on how to identify a Social Media strategy that is right for your business. I, of course, feel that they ignored security almost completely in that edition. Maybe they will add something on it later.
But in fairness to Josh Bernoff and Charlene Li, the topic of social media is a huge one to start with. I wouldn’t flame them for not covering security in detail. But they could have mentioned that security should be a key consideration when it comes to making a final decision on implementation.
It has to be possible to secure your social media solution in a way that is relatively painless. Many IT Security folks, as Derek points out in this week’s podcast, would just say NO… Don’t do it. Too risky. But it’s just not acceptable to have that attitude any more. You have to look at the risks from a bigger picture, but that can’t be a reason to abandon responsibility for protecting your operational networks and business processes.
– Scott