Toronto, Canada (PressExposure) July 18, 2009 -- The Commissionerâs report sternly voices the common concerns of privacy-conscious Facebook users about the social networking siteâs approach to data collection, sharing and retention. By demanding changes to current practices, the Privacy Officer seeks to help Facebook implement protective controls that comply with Canadaâs federal law Personal Information Protection and Electronic Documents Act.
âThe added disclosure practices and transparency around the use of personal information will go a long way towards building the trust of individuals and in my personal opinion, will improve Facebookâs business rather than curtail its potentialâ according to Claudiu Popa, a recognized security expert and Informaticaâs founder. âHowever we must remember that social networking sites as a whole are information aggregators, they accumulate and consolidate detailed information about people and even employers. Thatâs why we advise corporate clients to enforce policies regarding social networking and other online activity that could pose a threat to information securityâ.
Over the past few years, organized criminals have improved phishing techniques, social engineering and other targeted attacks to the point where exploits are precisely targeted to individuals and organizations. This year, Informaticaâs Research division has observed a definite shift towards such attacks that not only demonstrates their potential for damage, but the expertise of hackers in automating such attacks and combining them with readily available virus code. This enables malware to rapidly attack unsuspecting hosts in mass, over the Internet.
Social engineering and pretexting attacks are typically one-on-one exercises in abuse of trust, attempting to convince victims to surrender critical details or share access credentials. Successful attacks can result in the loss of financial details, confidential corporate data, trade secrets, sensitive communications and client data.
To contain the risks posed by online activity by employees and clients, Informatica recommends a proactive approach that includes banning chat and instant messaging sites at work, monitoring social networking sites and instilling a culture of accountability with respect to the data disclosed by employees and trusted partners. By helping organizations to increase privacy salience, Informatica also helps companies increase staff accountability and public awareness of privacy and security threats. Other effective solutions include anti-phishing policy enforcement, malicious site blocking and security awareness education focusing on emerging threats, such as the companyâs Security and Privacy Awareness Certification program for employees and managers.
About Informatica Security Corporation Founded in 1989, Informatica Security and Privacy is a leading information risk management consulting firm focused on providing unmatched expertise to enable client organizations to control and mitigate information security risks, meet compliance challenges, alleviate the effects of wrongsourcing and adopt proven standards and best practices for exceptional governance. The firmâs FlexSecureâ¢ risk assessments and professional audits, FlexProtectâ¢ security management, STORMâ¢ (Scalable Techniques for Operational Risk Management) and WorkLifeâ¢ Security and Privacy Awareness training solutions are proven best-of-breed solutions that scale to meet the business and compliance requirements of diverse industries.