Stop! Think!
 It is not often that we’ll comment on the political goings on in the world. Recently, however, there have been some tragic events that have led to some public postings on social networking sites that have been in extremely poor taste. Understandably, there are a lot of young people grieving and social networking appears to have had a large part to play in their grieving process. For example, it is not uncommon for Facebook group pages to have been set up for people in order express their condolences. Unfortunately not everyone in the world is sympathetic, and some individuals have abused the open nature of the group pages by posting inappropriate material.
Now, while we certainly don’t condone the actions of those individuals, neither can we let the inappropriate responses from well meaning public figures go without comment. Prime Minister Rudd, Senator Conroy and The Honourable Anna Bligh have all very publicly stated at some point that the Facebook security has failed in one form or another, and have contacted that organisation to convey their disgust with the situation (Facebook’s excellent reply can be seen here). Unfortunately they cannot be further from the truth; Facebook security was not breached in the slightest. The open forum pages behaved exactly as they were designed – to be an open forum.
Monitoring/Filtering/Censoring (pick description to match your view) postings on a public forum is simply unfeasible – how our political leaders expect Facebook (or any other forum provider, for that matter) to perform such a task has yet to be answered, and no doubt will be forgotten as this week rolls on. No one seems to have mentioned, that maybe, an open forum was not an appropriate manner in which to express one’s condolences?
What is interesting is that some of the questions, solutions and ill-informed comments that have resulted from the Facebook postings do resonate with many of the questions we often are asked by corporations in an attempt at controlling their IT infrastructure from abuse. Concerns often range from an external attacker attempting to gain access to the ‘inner sanctum’, to a bored, malicious or opportunistic member of staff attempting to do the same. Given limited money, staff and time how do companies protect their staff from cyber bullying and posting inappropriate material from, or to, corporate resources?
There is an abundance of monitoring and filtering solutions available, and as we’re not here to preach to the converted – We are very certain that the majority of our readers will have IDS/IPS and SIEM solutions implemented somewhere in their systems, and appreciate the difficulties in ensuring the ongoing safety of their systems’ users.
But wait! You see what we have done here? We have immediately started to talk about solutions before fully appreciating the problem. This is a trap that we see many organisations fall into time and time again. As security analysts and professionals it is often our job to identify the underlying problem and work through potential solutions to that problem.
In the example that we opened with, we could argue that the problem in this instance is one of culture and understanding. Therefore, a technical solution is likely to be an inappropriate (and ineffective) response.
One of the most consistent ways to logically deal with such issues organisationally is to establish a framework designed to work through these types of problems. We have had much success with our Vulnerability Management Framework®, but there also other alternatives approaches that may be just as viable. The whole point is next time a technology related threat faces us, we need to STOP! And emotionally divorce ourselves from the problem, THINK and logically work through to identify what is the real issue at hand, then, and only then, can an appropriate response be developed. Organisationally, a framework to facilitate these actions is the best way to save unnecessary embarrassment, cost and undue pressure on limited resources.
So, the next time you’re presented with an emotional and pressing security issue, how would you handle it?
|
