Focus on the Privacy of Individuals on Social Networking Sites is Well Founded, but Security Impact on Organizations should Not be Ignored

Toronto, Canada (PressExposure) July 18, 2009 -- The Commissioner’s report sternly voices the common concerns of privacy-conscious Facebook users about the social networking site’s approach to data collection, sharing and retention. By demanding changes to current practices, the Privacy Officer seeks to help Facebook implement protective controls that comply with Canada’s federal law Personal Information Protection and Electronic Documents Act.

“The added disclosure practices and transparency around the use of personal information will go a long way towards building the trust of individuals and in my personal opinion, will improve Facebook’s business rather than curtail its potential” according to Claudiu Popa, a recognized security expert and Informatica’s founder. “However we must remember that social networking sites as a whole are information aggregators, they accumulate and consolidate detailed information about people and even employers. That’s why we advise corporate clients to enforce policies regarding social networking and other online activity that could pose a threat to information security”.

Over the past few years, organized criminals have improved phishing techniques, social engineering and other targeted attacks to the point where exploits are precisely targeted to individuals and organizations. This year, Informatica’s Research division has observed a definite shift towards such attacks that not only demonstrates their potential for damage, but the expertise of hackers in automating such attacks and combining them with readily available virus code. This enables malware to rapidly attack unsuspecting hosts in mass, over the Internet.

Social engineering and pretexting attacks are typically one-on-one exercises in abuse of trust, attempting to convince victims to surrender critical details or share access credentials. Successful attacks can result in the loss of financial details, confidential corporate data, trade secrets, sensitive communications and client data.

To contain the risks posed by online activity by employees and clients, Informatica recommends a proactive approach that includes banning chat and instant messaging sites at work, monitoring social networking sites and instilling a culture of accountability with respect to the data disclosed by employees and trusted partners. By helping organizations to increase privacy salience, Informatica also helps companies increase staff accountability and public awareness of privacy and security threats. Other effective solutions include anti-phishing policy enforcement, malicious site blocking and security awareness education focusing on emerging threats, such as the company’s Security and Privacy Awareness Certification program for employees and managers.

About Informatica Security Corporation Founded in 1989, Informatica Security and Privacy is a leading information risk management consulting firm focused on providing unmatched expertise to enable client organizations to control and mitigate information security risks, meet compliance challenges, alleviate the effects of wrongsourcing and adopt proven standards and best practices for exceptional governance. The firm’s FlexSecure™ risk assessments and professional audits, FlexProtect™ security management, STORM™ (Scalable Techniques for Operational Risk Management) and WorkLife™ Security and Privacy Awareness training solutions are proven best-of-breed solutions that scale to meet the business and compliance requirements of diverse industries.

For additional information, please visit http://www.PrivacyImpact.com and http://www.PrivacyImpactAssessment.com.

Contact: Claudiu Popa, CISSP, PMP, CISA President & CSO Informatica Corporation Toronto, Ontario 416-431-9012 info@informaticaSecurity.com http://www.informaticasecurity.com/

About Informatica Corporation

Informatica Security and Privacy, Informatica Education, Informatica Research, the Informatica logo, FlexSecure™, FlexProtect™ and WorkLife™, VirtualCSO™ and VirtualCPO™ are trademarks or service marks of Informatica Corporation. All Informatica white papers, proprietary research, Web site content, presentations, communications, policies and Informatica-branded documentation are Copyright © Informatica Corporation and permission must be specifically granted for use by any party. All other brands or product names are trademarks of their respective companies, organizations or standards bodies.
Press Release Distribution By PressReleasePoint

Press Release Source: http://PressExposure.com/PR/Informatica_Corporation.html

Press Release Submitted On: July 18, 2009 at 3:03 am
This article has been viewed 4088 time(s).