At Wall Street and Technology's Executive Peer Roundtable on Security Risk this week, delegates pressed financial firms to consider the security threat posed by employees -- or potential employees -- using social networking sites, such as Facebook and MySpace.
It is critical to secure applications and data inside a company, they said. But it is equally important to keep a careful eye on communications between employees and the outside world.Emails can be encrypted and Instant Messages monitored. But let's say an employee posts a message on a social networking Web site, and writes, 'We're having problems with our server. Who can help?'
You're immediately alerting the outside world to a vulnerability at your firm, which could attract hackers, a delegate pointed out.
He urged IT security managers to ask themselves, "What type of social networking presence does your company have? And do employees or potential employees have an online presence?"
Social networking Web sites are undeniably useful and fun - but they are not private. So how much information do you really want to reveal on Facebook, My Space or LinkedIn?
The answer is, probably not much.
A number of financial firms such as Credit Suisse, Citigroup, LloydsTSB, and Goldman Sachs have already banned their employees from networking on Facebook, out of fear of security (and procrastination).
Job sites, where people post email addresses, phone numbers and employment history, can also be a potential minefield for hackers. Monster.com was recently the victim of an attack which saw 1.6 million records stolen.
In addition to making yourself vulnerable to a potential hack attack , posting resumes on Web sites can also seriously compromise your privacy. Last week, a Morgan Stanley broker was charged with illegally using personal information from resumes posted on CareerBuilder.com to cold-call potential clients.
"The resumes were chock-full of valuable information, such as employment history (suggesting potential sources of 401(k) transfers), recent salary levels and vital contact information, such as cell phone telephone numbers that might not otherwise be published," William Galvin, Massachusetts' Secretary of the Commonwealth, said in a statement.
So next time you answer a friend's request to join yet another social networking site, or post a resume online, beware. You could be jeopardizing your company's security, or a future job... Melanie Rodier has worked as a print and broadcast journalist for over 10 years, covering business and finance, general news, and film trade news. Prior to joining Wall Street & Technology in April 2007, Melanie lived in Paris, where she worked for the International Herald ... View Full Bio