![Page 1: 20160317 ARMA Wyoming Social Media Security Threats](https://reader036.vdocument.in/reader036/viewer/2022070510/58ac6ca21a28abd7488b600b/html5/thumbnails/1.jpg)
Copyright © AIIM | All rights reserved.
#AIIMThe Global Community of Information Professionals
Social Media Security Threats
Jesse Wilkins, CIP, IGP, CRMDirector, Professional Development
AIIMMarch 17, 2016
![Page 2: 20160317 ARMA Wyoming Social Media Security Threats](https://reader036.vdocument.in/reader036/viewer/2022070510/58ac6ca21a28abd7488b600b/html5/thumbnails/2.jpg)
Copyright © AIIM | All rights reserved.2
Jesse Wilkins, CIP, IGP, CRM Director, Research & Development, AIIM Twenty years experience as a vendor, consultant, end
user, trainer Lead architect for Certified Information Professional
(CIP) certification Frequent author and speaker on
IM-related topics Developer, AIIM Social Media Governance
Training Course
![Page 3: 20160317 ARMA Wyoming Social Media Security Threats](https://reader036.vdocument.in/reader036/viewer/2022070510/58ac6ca21a28abd7488b600b/html5/thumbnails/3.jpg)
Copyright © AIIM | All rights reserved.3
Agenda
Introduction to Social Media & Security Social Media & Identity Theft Social Media & Hacking Social Media & Privacy
![Page 4: 20160317 ARMA Wyoming Social Media Security Threats](https://reader036.vdocument.in/reader036/viewer/2022070510/58ac6ca21a28abd7488b600b/html5/thumbnails/4.jpg)
Copyright © AIIM | All rights reserved.4
Agenda
Introduction to Social Media & Security
Social Media & Identity Theft
Social Media & Hacking
Social Media & Privacy
![Page 5: 20160317 ARMA Wyoming Social Media Security Threats](https://reader036.vdocument.in/reader036/viewer/2022070510/58ac6ca21a28abd7488b600b/html5/thumbnails/5.jpg)
Copyright © AIIM | All rights reserved.5
Social Is Everywhere
1,350+ years worth of time spent every day on Facebook.
1.7B Facebook users. 65% log in on any day - and post 4.5B likes/day. 300M photos uploaded per day. And… Twitter and LinkedIn and Pinterest and Google+
and Tumblr and Flickr and Instagram and Myspace(!) and Livejournal and Orkut and Yammer and WhatsApp and blogs and millions of private social networks and enterprise social networks and all of the
![Page 6: 20160317 ARMA Wyoming Social Media Security Threats](https://reader036.vdocument.in/reader036/viewer/2022070510/58ac6ca21a28abd7488b600b/html5/thumbnails/6.jpg)
Copyright © AIIM | All rights reserved.6
Social Media Is Social
Making connections Reestablishing lost connections Making new ones
Sharing information Sharing thoughts & moments Searching for interesting stuff
All of which can be scary from a security perspective!
![Page 7: 20160317 ARMA Wyoming Social Media Security Threats](https://reader036.vdocument.in/reader036/viewer/2022070510/58ac6ca21a28abd7488b600b/html5/thumbnails/7.jpg)
Copyright © AIIM | All rights reserved.7
Who Owns The Content?
![Page 8: 20160317 ARMA Wyoming Social Media Security Threats](https://reader036.vdocument.in/reader036/viewer/2022070510/58ac6ca21a28abd7488b600b/html5/thumbnails/8.jpg)
Copyright © AIIM | All rights reserved.8
What Laws & Jurisdictions Apply?
![Page 9: 20160317 ARMA Wyoming Social Media Security Threats](https://reader036.vdocument.in/reader036/viewer/2022070510/58ac6ca21a28abd7488b600b/html5/thumbnails/9.jpg)
Copyright © AIIM | All rights reserved.9
Who Owns The Accounts?
![Page 10: 20160317 ARMA Wyoming Social Media Security Threats](https://reader036.vdocument.in/reader036/viewer/2022070510/58ac6ca21a28abd7488b600b/html5/thumbnails/10.jpg)
Copyright © AIIM | All rights reserved.10
Social Media Security Threats
Identity theft Impersonation Hacking Privacy disclosures Disclosure of other sensitive information Reputational damage
![Page 11: 20160317 ARMA Wyoming Social Media Security Threats](https://reader036.vdocument.in/reader036/viewer/2022070510/58ac6ca21a28abd7488b600b/html5/thumbnails/11.jpg)
Copyright © AIIM | All rights reserved.11
Neither is denial.
Prohibition is not realistic.
![Page 12: 20160317 ARMA Wyoming Social Media Security Threats](https://reader036.vdocument.in/reader036/viewer/2022070510/58ac6ca21a28abd7488b600b/html5/thumbnails/12.jpg)
Copyright © AIIM | All rights reserved.12
Agenda
Social Media & Identity Theft
Introduction to Social Media & Security
Social Media & Hacking
Social Media & Privacy
![Page 13: 20160317 ARMA Wyoming Social Media Security Threats](https://reader036.vdocument.in/reader036/viewer/2022070510/58ac6ca21a28abd7488b600b/html5/thumbnails/13.jpg)
Copyright © AIIM | All rights reserved.13
Impersonation
Fake account pretending to be a celebrity, politician, etc. You connect, they have access to your stuff Their links could be to malware or spoof sites
![Page 14: 20160317 ARMA Wyoming Social Media Security Threats](https://reader036.vdocument.in/reader036/viewer/2022070510/58ac6ca21a28abd7488b600b/html5/thumbnails/14.jpg)
Copyright © AIIM | All rights reserved.14
Impersonation
Fake account pretending to be YOU Your friends (re)connect to “you”, bad guys have
access to their stuff “You” send out bad links “You” send out requests for money etc.
Big issue on social networks you DON’T use
![Page 15: 20160317 ARMA Wyoming Social Media Security Threats](https://reader036.vdocument.in/reader036/viewer/2022070510/58ac6ca21a28abd7488b600b/html5/thumbnails/15.jpg)
Copyright © AIIM | All rights reserved.15
Social Media Identity Theft
How much have you shared? Significant dates High school, college Kids’ names Parents’ names Pets’ names Favorite books & hobbies
On the internet nobody knows you’re a dog… Or an imposter!
![Page 16: 20160317 ARMA Wyoming Social Media Security Threats](https://reader036.vdocument.in/reader036/viewer/2022070510/58ac6ca21a28abd7488b600b/html5/thumbnails/16.jpg)
Copyright © AIIM | All rights reserved.16
Agenda
Social Media & Hacking
Social Media & Identity Theft
Introduction to Social Media & Security
Social Media & Privacy
![Page 17: 20160317 ARMA Wyoming Social Media Security Threats](https://reader036.vdocument.in/reader036/viewer/2022070510/58ac6ca21a28abd7488b600b/html5/thumbnails/17.jpg)
Copyright © AIIM | All rights reserved.17
Hacking Via Social Engineering
Bad links: https://www.facebook.com/login/identify http://bit.ly/50m47h1ng84d
Spoofed emails with bad links Spoofed site – you enter your credentials Site may be able to install malware
Adware Keystroke loggers Other stuff
![Page 18: 20160317 ARMA Wyoming Social Media Security Threats](https://reader036.vdocument.in/reader036/viewer/2022070510/58ac6ca21a28abd7488b600b/html5/thumbnails/18.jpg)
Copyright © AIIM | All rights reserved.18
Hacking Via Social Engineering
Special addons “Who viewed my FB posts?” “Change your FB profile & colors!” Could simply lead to bad link Could have you install a bad app Game apps a big vector here – “cheat apps”
![Page 19: 20160317 ARMA Wyoming Social Media Security Threats](https://reader036.vdocument.in/reader036/viewer/2022070510/58ac6ca21a28abd7488b600b/html5/thumbnails/19.jpg)
Copyright © AIIM | All rights reserved.19
Hacking Via Bad App example
Source: https://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/the_risks_of_social_networking.pdf
![Page 20: 20160317 ARMA Wyoming Social Media Security Threats](https://reader036.vdocument.in/reader036/viewer/2022070510/58ac6ca21a28abd7488b600b/html5/thumbnails/20.jpg)
Copyright © AIIM | All rights reserved.20
Another Bad App Example - Walkthrough
http://www.fightidentitytheft.com/blog/facebook-quizzes-sharing-your-private-data
![Page 21: 20160317 ARMA Wyoming Social Media Security Threats](https://reader036.vdocument.in/reader036/viewer/2022070510/58ac6ca21a28abd7488b600b/html5/thumbnails/21.jpg)
Copyright © AIIM | All rights reserved.21
Another Bad App Example - Walkthrough
http://www.fightidentitytheft.com/blog/facebook-quizzes-sharing-your-private-data
![Page 22: 20160317 ARMA Wyoming Social Media Security Threats](https://reader036.vdocument.in/reader036/viewer/2022070510/58ac6ca21a28abd7488b600b/html5/thumbnails/22.jpg)
Copyright © AIIM | All rights reserved.22
Another Bad App Example - Walkthrough
http://www.fightidentitytheft.com/blog/facebook-quizzes-sharing-your-private-data
![Page 23: 20160317 ARMA Wyoming Social Media Security Threats](https://reader036.vdocument.in/reader036/viewer/2022070510/58ac6ca21a28abd7488b600b/html5/thumbnails/23.jpg)
Copyright © AIIM | All rights reserved.23
Hacking Via Social Engineering
How much did you share? Those questions are often:
Basis for passwords Security questions
All those QUIZZES!
![Page 24: 20160317 ARMA Wyoming Social Media Security Threats](https://reader036.vdocument.in/reader036/viewer/2022070510/58ac6ca21a28abd7488b600b/html5/thumbnails/24.jpg)
Copyright © AIIM | All rights reserved.24
Hacking Via Shared Passwords
Across your accounts With others – even significant others
![Page 25: 20160317 ARMA Wyoming Social Media Security Threats](https://reader036.vdocument.in/reader036/viewer/2022070510/58ac6ca21a28abd7488b600b/html5/thumbnails/25.jpg)
Copyright © AIIM | All rights reserved.25
Agenda
Social Media & Privacy
Social Media & Identity Theft
Introduction to Social Media & Security
Social Media & Hacking
![Page 26: 20160317 ARMA Wyoming Social Media Security Threats](https://reader036.vdocument.in/reader036/viewer/2022070510/58ac6ca21a28abd7488b600b/html5/thumbnails/26.jpg)
Copyright © AIIM | All rights reserved.26
What Are You Posting?
Your favorite stuff Where you are
And where you aren’t http://www.pleaserobme.com
What you’re doing Home sick…posting pics from the big game? Gaming?
![Page 27: 20160317 ARMA Wyoming Social Media Security Threats](https://reader036.vdocument.in/reader036/viewer/2022070510/58ac6ca21a28abd7488b600b/html5/thumbnails/27.jpg)
Copyright © AIIM | All rights reserved.27
What Are You Posting?
“I hate my boss, I hate my customers, I hate my job!”
-- Lots of people
![Page 28: 20160317 ARMA Wyoming Social Media Security Threats](https://reader036.vdocument.in/reader036/viewer/2022070510/58ac6ca21a28abd7488b600b/html5/thumbnails/28.jpg)
Copyright © AIIM | All rights reserved.28
What Are You Posting?
“Just figured out how to get around IT’s stupid limits on email!
-- Lots of politicians(and lots of employees)
![Page 29: 20160317 ARMA Wyoming Social Media Security Threats](https://reader036.vdocument.in/reader036/viewer/2022070510/58ac6ca21a28abd7488b600b/html5/thumbnails/29.jpg)
Copyright © AIIM | All rights reserved.29
What Are You Posting?
“That feeling when you drank so much the night before but you have no hangover because you’re still drunk!”
-- Hopefully NOT your boss, your pilot, your surgeon…
![Page 30: 20160317 ARMA Wyoming Social Media Security Threats](https://reader036.vdocument.in/reader036/viewer/2022070510/58ac6ca21a28abd7488b600b/html5/thumbnails/30.jpg)
Copyright © AIIM | All rights reserved.30
What Are You Posting?
And the usual suspects: Personal/personnel information Proprietary information Sensitive or confidential
information Customer information Internal strategies &
deliberations Negotiations Pictures including faces
![Page 31: 20160317 ARMA Wyoming Social Media Security Threats](https://reader036.vdocument.in/reader036/viewer/2022070510/58ac6ca21a28abd7488b600b/html5/thumbnails/31.jpg)
Copyright © AIIM | All rights reserved.31
What Are Other People Posting?
Other people can: Upload pictures of you and tag you (Facebook will try to auto-tag you using facial
recognition) Check in with you at a location Check you into a location Share stuff to your timeline
![Page 32: 20160317 ARMA Wyoming Social Media Security Threats](https://reader036.vdocument.in/reader036/viewer/2022070510/58ac6ca21a28abd7488b600b/html5/thumbnails/32.jpg)
Copyright © AIIM | All rights reserved.32
Other Peoples’ Posts
![Page 33: 20160317 ARMA Wyoming Social Media Security Threats](https://reader036.vdocument.in/reader036/viewer/2022070510/58ac6ca21a28abd7488b600b/html5/thumbnails/33.jpg)
Copyright © AIIM | All rights reserved.33
Other Peoples’ Posts
![Page 34: 20160317 ARMA Wyoming Social Media Security Threats](https://reader036.vdocument.in/reader036/viewer/2022070510/58ac6ca21a28abd7488b600b/html5/thumbnails/34.jpg)
Copyright © AIIM | All rights reserved.34
Other Peoples’ Posts
![Page 35: 20160317 ARMA Wyoming Social Media Security Threats](https://reader036.vdocument.in/reader036/viewer/2022070510/58ac6ca21a28abd7488b600b/html5/thumbnails/35.jpg)
Copyright © AIIM | All rights reserved.35
Conclusion
It’s a scary social media world out there! But you can protect yourself…
![Page 36: 20160317 ARMA Wyoming Social Media Security Threats](https://reader036.vdocument.in/reader036/viewer/2022070510/58ac6ca21a28abd7488b600b/html5/thumbnails/36.jpg)
Copyright © AIIM | All rights reserved.36
Questions?
![Page 37: 20160317 ARMA Wyoming Social Media Security Threats](https://reader036.vdocument.in/reader036/viewer/2022070510/58ac6ca21a28abd7488b600b/html5/thumbnails/37.jpg)
Copyright © AIIM | All rights reserved.37
Additional Resources Social Media Policy Database
http://socialmediagovernance.com/policies/ SHRM Social Media Policy Template
http://www.shrm.org/templatestools/samples/policies/pages/socialmediapolicy.aspx
NARA Best Practices for Capture of Social Media Records http://www.archives.gov/records-mgmt/resources/socialmediacaptu
re.pdf
AIIM Social Business Assessment http://info.aiim.org/how-to-conduct-a-social-business-assessment
AIIM Social Business Roadmap http://www.aiim.org/Social-Business-Roadmap
![Page 38: 20160317 ARMA Wyoming Social Media Security Threats](https://reader036.vdocument.in/reader036/viewer/2022070510/58ac6ca21a28abd7488b600b/html5/thumbnails/38.jpg)
Copyright © AIIM | All rights reserved.38
For More Information
Jesse Wilkins, CIP, CRM, IGPDirector, Professional DevelopmentAIIM International +1 (720) 232-9638 direct
http://www.twitter.com/jessewilkins
http://www.linkedin.com/in/jessewilkins