The Pentagon is reviewing its policy toward social networking sites amid security concerns. The order comes a day after the U.S. Marine Corps issued a ban on the use of Facebook, Twitter and MySpace.
The Pentagon is reviewing
its policies toward social networking sites amid network security and other
concerns.
According
to reports, U.S.
officials have ordered a review of the threats and benefits of using Web
2.0 sites such as Facebook and others. The review is slated to be completed by
the end of September.
News of the review follows
an
order
issued Aug. 3 banning the U.S. Marine Corps from accessing social
networking sites such as Facebook and Twitter from the Marine Corps
Enterprise Network (MCEN). The order does not disallow Marines from using
the networks on their personal computers outside of work.
"[Social networking
sites] in general are a proven haven for malicious actors and content and are
particularly high risk due to information exposure, user generated content and
targeting by adversaries," the order reads. "The very nature of
SNS [social networking sites] creates a
larger attack and exploitation window, exposes unnecessary information to
adversaries and provides an easy conduit for information leakage that puts
OPSEC, COMSEC, personnel and MCEN at an elevated risk of compromise."
In the past, the military
has not been totally averse to social networking. The U.S. Marine Corps order,
for example, stands in contrast to the U.S. Army's
decision
earlier this year to permit personnel to access certain social networks
from domestic campus area networks. The Army gave the thumbs-up to Facebook, Twitter
and Flickr, but disallowed other Web 2.0 sites like MySpace and YouTube.
Part of the issue seems to
be concerns over data leaks.
Enterprises
face these same concerns as well. However, opinion about how businesses
should approach social networks is divided. Some experts say the best approach
is to focus on enabling secure use of the sites through corporate policy and
educating users on what not to do. Otherwise, employees may be tempted to
access the sites via Web proxies.
Still, malware authors are
increasingly turning to social networking sites to spread their wares. Earlier
this year, an analysis by Kaspersky Lab revealed that
social
networks are 10 times more effective as avenues of malware distribution
than e-mail.
In general, social
networks should be treated with caution, Derek Mankey, project manager of
cyber-security and threat research at Fortinet, told eWEEK.
"Social networking is
quickly driving the next generation of threats, as these platforms have become
widely adopted, which means large user bases and huge traffic," he said. "Any time
you have these factors, combined with a growing platform that is increasingly
becoming more complex, it will inherently open security holes."
Email
Print
