Category Archives: Information Security

Social Media: Simplify to Reignite Your Social Network

Posted on by
2

It finally happened to me. I never thought it would, but it sure did.

What am I talking about? Information Overload

Information Overload Social Media Networking SimplifyWe’ve seen a slew of blog posts, studies, articles, and general commentary about this phenomenon. There are even psychological analyses and studies on this topic. Surely you’ve seen the various viewpoints…those who think our newly adopted, manic multi-tasking culture is a natural evolution, and those who think we were never meant to operate in this fashion. The Millennials / Net Generation / whatever you want to call the folks born from 1980 forward are experts at it. They operate differently, and they seem to have no problem with hopping from topic-to-topic, conversation-to-conversation, rapidly absorbing, filtering, and interpreting as many data points as they can possibly access.

Personally, I think it’s a natural evolution in behavior. As a species, we have always evolved to take advantage of new innovations. In fact, there’s a little concept we call Darwinism that explains why certain members of each species manage to survive over the long term, and why others do not. If you can’t keep up, you get left behind, as sad as that reality may be.

But there’s another issue here. That model of evolution makes a lot of sense, but it has historically conspired over extended periods of time, decades, centuries, even millenniums. But now we are making large-scale advancements between generations and even decades. Many Baby Boomers simply don’t understand or condone the younger sect’s way of operating. That doesn’t make them superior or more right. After all, they were raised in a different time where mass media was the primary form of communications. That medium, by its very nature, is a single stream of content on which you need to focus.

I find myself in an odd between state, where I can often be much more productive via focusing, but where my normal mode of operation is fragmented like the younger group.

A couple of things changed that put me over the tipping point.

First, I decided to dabble with foursquare over the course of several months. My initial reaction to the service was negative. Thoughts of an Orwellian future filled my head on first glance. Why do I want to advertise where I am? And as we’ve seen, why advertise where I am not? Well, the repeated advice from social media “gurus” that I needed to get on the Geolocation train finally broke me down and I started to play the game. Those of you who know me personally have already likely heard about my concerns, even while I was using it (probably a mad effort to rationalize it for myself, actually).

Second, my job changed a bit and became significantly more busy. Like 14 trade shows in 4 months busy, on top of my existing messaging, social media, and other responsibilities. I also inherited all of MarCom for Anue Systems.

Of course, sooner or later, something had to give. I was already juggling a full time job, family, blogging, and a list of other items. But a couple of weeks ago, I got this mad feeling to go hide under a rock. Yep, it was full-on Information Overload.

So I had to make a very important choice: Simplify.

Go cold turkey on foursquare.

Start removing those I follow on Twitter with whom I have no relationship to speak of or who provide no value to me. If they stop following, oh well. Quality over quantity, right?

Focus more on conversations rather than content. And strongly focus on real people in my locale who I can meet and engage with offline. This was the most refreshing of all of these changes!

Now I feel much better. Call it a social media spring cleaning. It’s something we should make a habit.

How is social media treating you? Are you still getting the same value out of it? Could your activities use a fresh spring cleaning? Have you ever experienced Information Overload? Tell me your story in the comments. If I get some good enough conversation going, I’ll assemble them into a post for my Posterous page to share with the world!

Twitter URL Shortener: Good Response to Phishing

Posted on by
4

Twitter, social mediaThe news sort of came out a bit under the radar, but Twitter announced a very interesting change they are implementing on their blog (March 9, 2010). Positioned as a response to phishing, they will be changing URLs in Direct Messages to their own twt.tl shortened redirects. Essentially, they can then track for bad behavior and block the URL altogether if the target web page  is found to be malicious.

I applaud them for taking some action to integrate the security layer within their own infrastructure, as it is clear that more users than we’d like to admit can be “social engineered” to click on almost anything. No other URL shortener service has shown an ability to build in the needed level of control, and who would be able to make this work better than Twitter itself?

The question remains open as to where they intend to take this newfound capability in the future. And sure, if it can be used for DMs, why not have it available for all messages.  This all comes down to how the new service is offered. Currently, it appears to be standard on all URLs in DMs, regardless whether they were shortened or not beforehand. If this were to become part of every tweet as well, would it be optional or the de facto shortener in all cases?

Here is the rub: sometimes you have to make tradeoffs for security purposes. Do we really lose anything important if they standardize on their own shortener, so long as we can still get all of the metrics and other “bells and whistles” we currently get via other tools? If it helps them proactively maintain a more secure environment on Twitter, I’m willing to make that sacrifice. Then again, I’m not on there trying to fool tweeps into clicking links to mischievous places.

I’ve seen various opinions out there, some in favor and some more cautious about Twitter having their own shortener. What’s your take on it? Fear of Big Brother or just another smart way to control misbehavior?

___________________________

Cheers to local fave @Wesley83 (Wesley Faulkner) for sharing Twitter Alters Some Links to Improve Security (by Peter Kafka) on his Posterous page. That’s where I first learned the news, and he keeps a great personal blog on there.

Social Media: Think Before You Tweet

Posted on by
5

Last week while traveling to San Francisco for the RSA Conference 2010, I finally took the time to figure out how to use TwitPic from my mobile phone. It was like a revelation! For those of you who follow me, you may have seen as I posted various photos from the trip out there, my dinner the first night, etc. I had a shiny new toy!

Then on Monday night during the opening reception, the show was relatively slow. You see, they open the show with a two-hour open Expo, and the organizers treat attendees to beer, wine, and food. Because of the treats and eats, very few of the attendees are actually interested in engaging in business-related discussion of any sort. Of course, as an exhibitor (@AnueSystems, actually), we are required to man the booth in case we are approached by anyone with questions or interest in our products.

Since we were mostly standing around looking for some meaningful conversations to crop up, I decided to partake in one of my favorite pastimes when out in public: people-watching. RSA presents a very interesting range of people from all around the world. There were business types in suits, hard-core security techs in t-shirts and jeans, booth talent in various getups, marketing and sales folks in company branded attire, and just about anything else you can imagine.

About an hour into the show, a woman approached the booth across from us in a very peculiar outfit. In fact, it looked as though she were dressed by a color blind, stylistically-challenged imp! We had a nice chuckle among our group, and of course we snapped a couple of photos. Then it dawned on me…I had to share this one on Twitter. It would surely elicit some nice laughs by my online friends, so I opened up email and teed it up to send with the following message included: “RSA 2010: Not a fashion conference”. After a few minutes, I had second thoughts about whether this was a smart thing to do, but it appeared the email had already sent, so I was all in.

The next day while having lunch with Jennifer Leggio (@mediaphyter), Social Business blogger for ZDnet, I shared this story to see what she thought. Her reply? “What if that is one of your customers?” Of course, I was just about certain it was not, but as I pondered her feedback further, I grew more and more concerned about doing something so stupid without thinking first. Now, I’m a guy who is no stranger to the taste of my foot, but at this point in my life, I’m most certainly too old to blame such a gaff on the folly of youth.

That night, I logged into Twitter to see what maelstrom of feedback I may have gotten to the picture, and it unexplainably wasn’t showing up in my stream. I was befuddled! Can it be…did the email never in fact deliver? So I went to TwitPic and logged in, and alas! I did manage to successfully cancel the transmission, which was the result of either luck or badly-needed common sense [maybe a little bit of both].

Whew, what a close call. For those of you who know me, you’re aware that I’m always up for a good laugh, but seldomly in such a disrespectful way to fellow professionals (and yes, even those with no fashion sense deserve respect on an intellectual and business level). I try very hard to foster productive and mutually beneficial relationships. In fact, networking is one of the most important things I do outside of work and spending time with my family.

But in one fell swoop, I nearly let the my fervor for a newfound toy throw me off my course. Never forget, social networking is still about people first. Anything you say or post online is available for public consumption, and with your “it’s me” stamp of approval permanently attached. Sites, tools, software, and cool apps are great, but they are just methods by which to interact with real people. Think about how it might affect the person on the other end, and in this case, the “butt” of the joke. It’s just not worth doing something potentially offensive for a cheap laugh. Oh yeah, and if you’re in the job market, be sure your Facebook account won’t scare off your interviewer. If you don’t think they are looking, think again.

Special thanks to @Mediaphyter for her voice of reason. If you haven’t seen her work, I highly recommend you take a moment to do so.

On that note, namaste my friends.

Information Security & the New Generational Gap

Posted on by
6

Since the RSA Conference is happening this week, I thought it would be different to do a piece that hits on both Real-time and Information Security. The following blog post is my own original work that appeared on The Network View, the official blog for Anue Systems, on November 12, 2009. It highlights some important sociological differences between the various generations of today’s adult population, and looks at how changing work habits and security need to find a workable balance.

________________________________

We all know that each generation (i.e. Baby Boomers, Generation X, etc.) brings with it new and different behaviors, attitudes, opinions, and interests. However, with the rapid advancement of technology in general, we are just now learning exactly how pervasive connectivity is impacting the younger sect of our working population.

Earlier this week I came across a very intriguing commentary on this very topic, Lifestyle Hackers, which appears on CSO Online. This insightful article talked about what is being referred to as the “Net Generation“, the younger subset of our population that has never known life without the Internet and other communication technologies (as opposed to Baby Boomers who were raised with television as the primary technology/communications breakthrough early in life).

social media, marketing, entrepreneurship, mobility, real-time, fantasy sports, infosec, security, information security
Connectivity: A Threat or a Productivity Tool?

Technology exposure has upsides and downsides, and we won’t go into all of the social implications of being connected and interacting virtually rather than face-to-face. However, twenty-somethings, the first true group of working adults among the Net Generation, seem to have a knack for finding their way around security measures. The ever-present Insider Threat is no longer solely a problem of user ignorance or malicious intent; it is now a problem of technical competence and motivation. How can that be you ask?

You see, the Net Generation views life, business, and productivity through different glasses than previous generations. While your security team is blocking access to social media, instant messaging, and other “high risk” applications, NetGeners (as we’ll refer to them from here forward) find those media to be crucial to their productivity. But your leadership team likely sees these tools as hindrances to productivity, hence the desire to block access. In the end, we’re all chasing the same goal – to get more done and to do it as efficiently as possible.

social media, marketing, entrepreneurship, fantasy sports, mobility, real-time
How do you define productivity?

Basically, the problem all comes down to perspective. Baby Boomers are more likely to focus on a specific task, much like watching a show or channel on TV. NetGeners, on the other hand, prefer the connectivity of the internet and have come to embrace multitasking as a fact of daily life. The article elaborates on this point, “As Internet-facing technology became ubiquitous and leaped from the home to the mobile device, the Net Generation adapted by incorporating new technology into its very social fabric.” Heck, NetGeners even have their own slang these days.

So who is right? Everyone is in some way. NetGeners see Facebook as a tool for collaboration to more quickly solve problems. They use Text Messaging (SMS) much like Baby Boomers have come to embrace email, but NetGeners prefer the instant gratification of knowing the message delivers now and the answer will come quickly, rather than a day or two later. For these reasons, many NetGeners actually refer to themselves as “Generation Now”. [Editor's Note: It's curious that most NetGeners somehow fail to grasp the value of Twitter, but that's another discussion altogether.]

The bottom line is this – media changes and evolves, as does technology. Different generations work in different ways. This has been true for hundreds of years now, through the Industrial revolution, which first made the term “economies of scale” relevant, to today, where micro-anything and real-time is deemed superior to the old way of doing things. First there was snail mail, then the telephone, then the facsimile (”fax” to all you NetGeners), then the Internet, then email, and then finally, widespread acceptance of cell phones. Cell phones naturally forced the whole equation to evolve again, and now, real-time is key.

So what’s a security professional to do? As a technologist, the smart approach is to embrace and enable safe usage of these new technologies. Revisit your Security Policy. If it’s too restrictive, expect problems if/when you hire twenty-somethings. They will find a way around it, and your policy won’t work. Ultimately, you risk failing to enforce the very security that you aim to establish.

Security is here to ensure safe operation of the network, but not here to handcuff workers from being able to be productive. We’re not there yet, but a balance must be struck, and it’s up to CSOs and Security Management to determine the optimal approach.

Have you managed to figure out the balance? Please share your thoughts, tips, or even any criticisms of this viewpoint. This is a topic that must be discussed, and we’re happy to take the lead on drumming up the discussion.