1. Social Media Security:
How Social Media May Leave You Vulnerable
Timothy Youngblood
Dell, Compliance and Information Security Officer
2. Social media platforms have entered
the enterprise
24hrs of Video per
300 Million Users 75 Million Accts
Min
3% Growth Per 6 Million Unique
3 Million Auto
Week Visitors
Connects
30 Billion Page 65 Million Tweets
2 Billion Views Per
Views Per Day Per Day
Day
Public Sector / Private Sector
Business Partners/Customers/End Users
2
12. Social Media in the headlines
Twitter virus among
shortest on record ….
Mark Zuckerberg's
Facebook Page Hacked ….
YouTube Hack Hits
Bieber Fans….
12
21. Federal Guidelines
Guidelines for Secure Use of
Social Media by Federal
Departments and Agencies
Training
Network Controls
Host Controls
Policy Controls
www.cio.gov/library/
21
32. Policies Protect the Organization
Over Sharing
Information
(Intellectual Property)
Mixing Business with
Personal info
(Tweet/Facebook/MyS
pace/ect..) Rage
Connection indulgence
Click Happiness
Password Sloth
32
34. Guidelines
• Protect information
• Be transparent and disclose
• associations
• Follow the law, follow the Code
• Be responsible
• Be nice, have fun and connect
34
35. Controls ensure policies are followed
• Change Implementation
• Information Security
• Program Development
• Disaster Recovery
• Contracting
• Facilities
• IT Governance
• IT Operations
35
38. ISACA – Social Media Presence
Strategy and • Has a risk assessment been conducted to map risks to
the enterprise present by use of social media?
Governance
• Has effective training been conducted for all users, and
People do users receive regular awareness communications
regarding policies and risks?
• Have business processes that utilize social media been
Process reviewed to ensure that they are aligned with policies
and standards of the enterprise?
• Does IT have a strategy and the supporting capabilities
Technology to manage technical risks presented by social media?
38
42. Social Media Security Strategy
Risk
Technology
Social Media
Platforms Defined? Policy
How do current
How are the solutions address Are employees
platforms utilized? the threats? trained on how to
Who is currently Are there supporting use Social Media?
utilizing them? technologies to Are there supporting
address risk? controls and
policies?
42