Greg Young

A member of the Gartner Blog Network

Greg Young header image 2
3 Reasons The Security Market Is (Still) A Big Unconverged Mess Social Media Data Leaks: The Polarity of Security Models

Social Media Data Leaks

July 23rd, 2009 · 3 Comments

A new recurring post, Social Media Data Leaks will show examples of data leaks, either personal or corporate, through social media.  Social media is only unique as a means of leakage as the medium is intentionally public, and usually is not easily inspected or blocked: for example, social media is often accessed via mobile devices when enterprises block network access.  I’ll be sanitizing information responsibly.

Here is this installment from Twitpic Public Stream.  Not a horridly egregious example, but I thought we would start out with an easy one:

19053365-1b6defasocmed1

(with credit to John Pescatore for the productive inspiration on thematic blog entries)

Share:
  • Digg
  • del.icio.us
  • Facebook
  • Google Bookmarks
  • LinkedIn
  • Live
  • MySpace
  • NewsVine
  • Reddit
  • Slashdot
  • StumbleUpon
  • Technorati

Tags: Uncategorized

3 responses so far ↓

  • 1 RSS subscriber // Jul 23, 2009 at 11:28 pm

    Dear Greg,

    I would not categorize this as a leak. Bad judgement on part of the poster, perhaps. The data is fed by users themselves, the mechanism of the service is designed to disseminate it and it does it well.

    The TripIt plugin for LinkedIn is a perfect example. On one side it might help setup meetings and get together with past colleagues and friends, on the other hand it sends a clear signal that one is not going to be home during this time. It all depends…

  • 2 John Pescatore // Jul 24, 2009 at 7:23 am

    That is definitely a leak, due to bad judgement by the poster. Really not much different than when a user emails out a spreadsheet and forgets that one tab under the pie charts is a lot of sensitive data. Not the software’s fault completely, most bad judgement by the user – but still a dangerous leak.

    With the usual caveats about surveys sponsored by security vendors who sells products that deal with the problems pointed out in the survey, Sophos just published some data on the level of attacks being aimed at social networking sites. See http://www.networkworld.com/news/2009/072309-25-of-firms-suffer-social-network.html

  • 3 RSS subscriber // Jul 24, 2009 at 11:40 am

    Dear John and Greg,

    So it is a user error by definition? I am not sure you can ever fix it. Education might help, but only to a limited degree.

    How about a little exercise in data leakage? Do a quick search on office docs you have on your hards drive, open them up and check properties filled out for those files, you will be surprised what you see there:) Might be a separate topic altogether…

Leave a Comment