As Internet changed our ways of living, Social Network applications such as Facebook changed our ways of interacting with others. According to a report written by Emil Protalinski this year, Facebook users spent more than 10.5 billion minutes per day on Facebook during January 2012, excluding mobile devices. This comes out to 12 minutes and 26 seconds per user. With so much time consumed, Facebook users definitely created tons of information concerning all the aspects of our lives.
To begin with, let’s see what kind of information Facebook has. Facebook consists of four parts, which are personal page, friends, groups and apps. Personal page includes people’s daily activities, profiles, photos and events. Friends include news, messages and events from their friends. Groups provide people a place to discuss, communicate and share their thoughts. Facebook also contains millions of third-party apps to help people entertain and work. Each part of Facebook contains immeasurable information. Most of the information on Facebook is visible to the outside world for the purpose of sharing and exchanging information.
With so many concerns presented by different people from different perspectives, we can summarize those into three categories considered as threats to user information security: * Users release too many details about themselves to public. Many users do not have the awareness that criminals are watching them at their convenience and thus sometimes give criminals the “key” (derived directly from user’s basic information) to open the door, step into users’ “rooms” and take whatever they want. To avoid such misfortunes happen, users should be aware of what is important and build good habits that think twice before uploading pictures, modifying profiles and adding status. A good way to reduce this risk is not to link any other accounts information with user’s basic information such as birthday, address and others. * Facebook does not take adequate actions to protect user information security.
At first the purpose of Facebook is to share information. For example, the “advanced search” gives everyone including crooks the right to ask its database for any of fields in a profile. It is easy for one to search for students from New York in UW. However, such function facilitates not only users but also crooks. In addition, Facebook provides millions of apps on its platform. These apps are actually good places for criminals to obtain user’s information. For example, one can easily collect user’s birthday by creating a birthday reminder app or access user’s calendar by creating a calendar management app. Therefore, Facebook actually gives crooks space to fulfill their needs. * Third parties are actively seeking out end-user information using Facebook. Unlike previous times people are trying to get used to Facebook, now people have the awareness that Facebook has huge information of which can be made use. Many website and apps allow user to use Facebook account to log into their systems. This actually improves the chances for crooks to do something evil.
To sum up, users, Facebook itself and third parties are three key factors affecting information security. As the host, Facebook should realize the threats and build complete policy to help guide users and third parties to the right track of protecting and valuing information.
Andrew R Hickey, 2011, Social Networking A Major Security Threat, Cybercriminals Eye Facebook, http://www.crn.com/news/security/229000883/social-networking-a-major-security-threat-cybercriminals-eye-facebook.htm Emil Protalinski, 2012, 10.5 billion minutes spent on Facebook daily, excluding mobile, http://www.zdnet.com/blog/facebook/10-5-billion-minutes-spent-on-facebook-daily-excluding-mobile/11034 Facebook To Share Users’ Home Addresses, Phone Numbers With External Sites, http://www.huffingtonpost.com/2011/02/28/facebook-home-addresses-phone-numbers_n_829459.html Biggest Security Threat: Facebook & You, http://www.cbsnews.com/8301-505144_162-36944079/biggest-security-threat-facebook–you/ Protection strategies for social networking (Facebook security best practices: A summary) http://www.sophos.com/en-us/security-news-trends/security-trends/social-networking-security-threats/protection-strategies.aspx Social Networking Security Threats, http://www.sophos.com/en-us/security-news-trends/security-trends/social-networking-security-threats/facebook.aspx Top 9 Security Threats of 2011, http://www.bankinfosecurity.com/top-9-security-threats-2011-a-3228/op-1 Facebook Security Threat: 45,000 Passwords Stolen By Ramnit Worm, Seculert Claims, http://www.huffingtonpost.co.uk/2012/01/06/facebook-security-threat-_n_1189387.html Facebook: Threats to Privacy, Harvey Jones, http://groups.csail.mit.edu/mac/classes/6.805/student-papers/fall05-papers/facebook.pdf