Greg Young

A member of the Gartner Blog Network

Greg Young
Research VP
6 years at Gartner
22 years IT security

Greg Young is a research vice president in Gartner and the lead analyst for network security. Mr. Young has experience in IT security in product companies, and in both the private and public sectors. He spent his military career in technology security… Read Full Bio

Coverage Areas:

Social Media Data Leaks: The Polarity of Security Models

by Greg Young  |  July 24, 2009  |  2 Comments

There were some thought-provoking comments on yesterday’s post: is this kind of information a data leak, a breach, or just being too informative?

In the example below I had to blank out the username because it was the same as the Twitter name. 

twits2

We’ve become accustomed to the positive security model for email, which is to send only to those we specify.  Social media generally has a negative security model which is to make it visible to all unless you specify otherwise. 

In this case, the habit from the email model was likely the culprit, and although a recipient was specified, it wasn’t sent as a Twitter Direct Message (DM), so we all get to be ‘Oscar’.

2 Comments »

Category: Uncategorized     Tags:

2 responses so far ↓

  • 1 Social Media Data Leaks: TMI   July 28, 2009 at 9:30 pm

    [...] Social Media Data Leaks: The Polarity of Security Models [...]

  • 2 Is OpSec An Endangered Species?   August 5, 2009 at 7:16 am

    [...] Andrea DiMaio in Gartner’s government practice gave his thoughts here, while Anthony Bradley in our Application Architect group did so here.  Greg Young had previously demonstrated Twitter data leakage here. [...]