Social Media In Government: Managing The Risks - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Government // Leadership
Commentary
11/4/2013
04:31 PM
50%
50%

Social Media In Government: Managing The Risks

Government CISOs have an added layer of responsibilities in balancing the pros and cons of social media in their organizations.

2. Security guidance and best practices

CISOs must carefully assess and ensure appropriate security controls are implemented and monitored based on the latest guidelines, such as Revision 4 of the National Institute of Standards and Technology Special Publication 800-53 that includes security controls related to social media/networking resources.

3. Data loss or leakage

Social media makes it very easy to either intentionally or unintentionally expose sensitive data to unauthorized entities. CISOs must understand and communicate with other organizational leadership regarding the potential disclosure of proprietary or sensitive organization data via social media.

4. Account hijacking

Since multiple individuals often have access to a single corporate account, the likelihood increases significantly that the loss of a single phone or compromised computer would give malicious actors access to a corporate account. Government CISOs must realize that recent account compromises (like those affecting the Associated Press, Fox News, the New York Post, Jeep, and Burger King, to name just a few) could just as easily happen to their department or agency Twitter, Facebook or other social media accounts.

5. Exposure to malware

With the ability to cast a wide net at a minimal cost, adversaries are regularly using social media platforms to lure users to infected or malicious content via shortened URLs, malicious files or simple social engineering. CISOs must prevent such exposure by minimizing the use of public social media platforms or implementing additional compensating security controls.

Although acceptable risk-tolerance levels will vary from one organization to another, access to external social media and networking sites from government systems should be limited to only individuals with an official business need. Personal use can be limited to personal devices (i.e., smartphones) not connected to government systems or networks, and personal devices should not be used to access official government accounts. Shared social media accounts used for corporate purposes and information dissemination need to transition from a single username and password to a more secure authentication approach, such as two-factor authentication.

Additionally, there are now a number of third-party applications available that allow appropriate enterprise accountability, management and access control to corporate accounts. To best address the risks associated with social media, it is critical that government CISOs and other leaders ensure that a social media policy is appropriately established and communicated within their department or agency. Without an established policy and rules of behavior, social media and its security risks will run rampant throughout an organization.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Previous
2 of 2
Next
Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
archangelnikk
50%
50%
archangelnikk,
User Rank: Apprentice
11/5/2013 | 8:01:45 PM
re: Social Media In Government: Managing The Risks
We used Facebook to help coordinate part of the US civilian evacuation during the 2011 disaster in Japan. No better example I can think of.
WKash
50%
50%
WKash,
User Rank: Author
11/7/2013 | 11:32:00 PM
re: Social Media In Government: Managing The Risks
There are many innovative examples of agencies using social media. One of the great resources is GSA's Digital Gov blog. Go to: http://blog.howto.gov/
Chuck Brooks
50%
50%
Chuck Brooks,
User Rank: Author
11/13/2013 | 10:26:43 PM
re: Social Media In Government: Managing The Risks
Social media is being used more and more for customer service at federal agencies. As Nikk mentioned, it is very useful in emergency situations and natural disasters. I see from my own experience that many government executives are visible and active on Linked In. Although there are cybersecurity concerns, it is a good thing that government is becoming more transparent and involved via social media platforms.
News
8 AI Trends in Today's Big Enterprise
Jessica Davis, Senior Editor, Enterprise Apps,  9/11/2019
Slideshows
IT Careers: 10 Places to Look for Great Developers
Cynthia Harvey, Freelance Journalist, InformationWeek,  9/4/2019
Commentary
Cloud 2.0: A New Era for Public Cloud
Crystal Bedell, Technology Writer,  9/1/2019
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
Data Science and AI in the Fast Lane
This IT Trend Report will help you gain insight into how quickly and dramatically data science is influencing how enterprises are managed and where they will derive business success. Read the report today!
Slideshows
Flash Poll