Delivery in day(s): 4
Social Networking Assignment Help
Social Networking Assignment Help discuss Social Networking Applications (SNAs) which are very popular in our increasingly interconnected society. It discuss the security threats and their strategic implications for organizations using SNAs.
IntroductionThe popularity of social networking applications and sharing sites is on the rise, and companies are looking for new ways to exploit this popularity for advertising and marketing purposes. Some of the most popular platforms in social media category include: Facebook, MySpace, LinkedIn, YouTube, Digg, Twitter, Foursquare, StumbleUpon, Bebo, Orkut, Flickr, GoWalla, Friendster, hi5, and many more. The available sites and applications allow users to associate with people and befriending individuals of similar taste. These sites allow sharing of information; publicly or privately, with or without the ability to filter or control content for exclusive viewing. With the emerging trends in technology, the social networking platform allows users to share and contribute information as quickly as it is updated- closely similar to live television broadcasts. A prominent social communication platform for professional networking is LinkedIn. Professionals stay in vogue with the emerging trends and opportunities in their respective fields of work or industry, by sharing ideas, exchanging professional information and articles, posting employment opportunities, and much more. Sites such as Digg, StumbleUpon, Youtube, etc., happen to promote social and political views amongst followers, by allowing sharing of all kinds of media, and either ranking it or sharing it further. [Read about Social Group Management Assignment Help] The advent of Web 2.0 technology serve as a channel for many uses, and even people with malicious intent have realized this; with available data being hacked and attacked for personal and professional purposes.
Social Networking for BusinessesBusinesses are using social networking as a tool of strategic change in solving trust problems. The organizations that will win are the ones that most easily enable individuals to build relationships and communications with people they trust (Carfi and Chastaine). Following is a case study which shows how the company, Toyota used social networking service to regain public trust, and successfully employed communication technology as an approach towards strategic change (Bush, 2010). In January, 2010, Toyota recalled 4 million sold cars for repairs and fixing of acceleration pedals. The announcement brought shame to the company and the marketing of Toyota brand name was in danger of perils. Traditional marketing media suggested that Toyota was being disloyal to its fans and trying to cover its flaws. Headlines suggested that customers will be driven to a dilemma regarding their loyalty to the brand, should they feel that the resale value of their vehicle has depreciated, or be a part of action lawsuit, or get a letter of compensation. As a measure of redemption, Toyota created a social media response team, with six to eight people constantly monitoring online conversations and responding accordingly and immediately. With the launching of four Facebook pages, creation of a Twitter chat with Jim Lentz, Toyota Motor Sales USA president-chief operating officer, and platforms on Digg and Tweetmeme, called Toyota Conversations, Toyota aggressively delved into bringing together online chatters and interacted with them directly. The endeavor attracted more than sufficient attraction, with the social buzz over one million views in five days.The social buzz skyrocketed, and posts about Toyota Furthermore, they created some large volumes of online conversations with a series of video interviews with customers, brand loyalists, associates and dealership personnel; asking them feedbacks, perspectives and responses on the proactive issues of the Toyota Company. The results of such measures were fruitful, as the brand increased its fan base by 10% within five days of the stop-sale announcement, and surprisingly, a large number of loyal customers jumped in to defend Toyota and its marketing value; only showing that Toyota might not have lost the trust it so much wanted to regain. Earlier, they were accused of communicating too little with media, customers and associates, but Toyota management soon realized the importance of the most important communication tool: social networking. Another successful example of social networking as a business tool is Best Buy. They used Facebook to launch a poll requesting users to lit their favorite vampire movies, and then put them all up for sale. This proves as a great case study for marketing brand based on customer feedback and then responding accordingly. An interactive platform was laid down where fans got first-hand view of the process in action. Then there is Ford Models, which used YouTube to widen the audience base. The wide range of videos of photo shoots and fashion shows, showing models traveling to exotic locations, tips from stylists, etc. provided a multi-lingual content accessible to public otherwise distant from the glamour world. Social networking sites and applications can also be used in education industry, as is shown in the case study of University of Phoenix’s Online teaching program. A top-tier university holding lessons on YouTube is a marketing strategy that attracts every type of potential student out there. They offer video testimonial, reviews, documentaries and webisodes, and are among the first schools to adopt an online Social Media Marketing strategy.
Safety implications of social networkingWith the boom in corporate use of social networking, there come great dangers of information exploitation by the use of aggregated data from different social networks. There are various data mining processes which can be used by attackers to target organizations. Facebook, LinkedIn and Twitter provide details on an individual; including contact information, employment details, financial details, and much more. A potential attacker can easily harvest information on organizational structure, potential clients and associates, company operations, and even the business infrastructure of different divisions, just by following the profile changes or status updates of the targeted individual. Majorly, an attacker exploits the social engineering element of trust when initiating a social networking attack. People easily tend towards trusting information fed to them through social networking sites and applications and even end up befriending strangers. This inherent trust can easily be exploited by the attacker to target an employee and gain access to company information and use it in more than one ways. The average user doesn’t really anticipate social engineering attacks and ends up as an easy victim of the attacker who they supposedly trust (Fogel and Nehmad, 2009). Furthermore, it’s very easy to fake or create identities on a social networking platform (DiMicco and Millen, 2007). Such fake identities can be easily used in obtaining digital signatures of an employee and approach other members of the organization. Once the penetration is done, it can very conveniently be used for other malicious activities. A potential attacker can propagate malware through an organization’s network in the form of viruses or Trojans. Employees can be easily coerced by social engineering tactics, and made to open or download infected files and attachments. Most often links are posted on sites which require users to install plug-ins in order to view the available content. Most users do so without thinking much, and easily expose the vulnerabilities of an organization without any security policy against installation. All these attacks lead to installation of malware on a computer which is highly likely to be a part of an organization, and can be used in data thefts and misuse of information. Another mode through which sensitive information such as usernames, passwords, credit card, etc., can be acquired is phishing. Phishing in corporate sense is known as Spear-Phishing or Whaling (Fogel and Nehmad, 2009). It is one of the most popular attack method used by web criminals and hackers. This is an easy to use method and is considered as the best choice by attackers due to its high success rate despite its common use. As mentioned earlier, social networking sites and applications provide information which is easily trusted by ignorant individuals. They are not aware of the existent threats and fall easily for the malware attacks concealed within these platforms. Powerful attacks can be launched against organizations, such as duplicating a company’s website portals. After sufficient trust is gained within the organization network of employees, the attack is launched in the form of attracting employees towards the Phishing site. Due to the fake website’s similarity with the actual company page, employees do not hesitate in providing their employment credentials which is directly sent to the attacker’s computer. A more effective method of infiltrating internal organization networks is through exploitation of cross site scripting vulnerabilities coupled with the existing attack methods. In this method, the attacker only needs a link instead of a phishing website, with fake login forms within the webpage of organization’s actual network. The method is less suspicious as the link distributed directs to the actual webpage of the company, and therefore, proves more efficient and reliable for the attacker. On summing it up, it turns out that a potential attacker can easily gather information, by using legitimate actions within social networking applications, and without using any traditional legally jeopardizing attack methods. The acquired data provides an efficient and reliable way to launch a much more organized attack and compromise the position of the targeted organization. Protection against these threats requires an organization to formulate a strategy which covers all aspects of social networking use for personal or professional purposes. The policies laid out in the strategy should spread awareness among the employees updating them with the possible threats, resulting risks, and implications of the control measures. Company exposure to the social networking sites should be constantly monitored, and any information exchanges performed through externally hosted sites or applications, or company’s internal network should be kept in check as well (Nery, 2010). Companies today should be aware that sensitive internal information is very crucial to their competitors and if laid hands on, can come up with serious fatal strategic implications. It is very easy to gather information using social networking platform, and the fact that abundant information is available effortlessly and legally to the competitors, should not be underestimated (Chew, Balfanz and Laurie, 2008). [See Project Management Report Assignment.]
ConclusionSocial networking sites such as Facebook, LinkedIn, and Twitter allow any mediocre attacker to effortlessly gather data and launch a malicious attack against any organization. Data can easily be acquired on company details, details on employees, their contact and employment details, and information on activities and projects; can be harvested and used for malicious purposes. With only this much amount of information and a limited capability, an attacker can easily estimate victims’ average income. Following up with the social networking activity of the user, an attacker can map out the organizational structure, partners and associates and can track company operations, projects and infrastructural nuances. The gathered information can then be used to execute more pinpointed attacks towards position holders, and further vulnerabilities can be discovered depending on the capabilities of the potential attacker. To sum it up, social networking sites and applications are easy platforms for cyber criminals to make friends and exploit their trust to gather internal company information. The information security infrastructure of an organization should provide sufficient assertion and safeguard against any type of attack, and should be capable of appropriately dealing with the risks; which include technological damages by attacking servers, information leakage through network breach, reputational damages, and much more. The use of social networking sites and applications is increasing every day, and with emerging technology trends, new attack methods are being evolved continuously. Companies need to be prepared against the possible threats and should not treat the increasing use of social media platform as a passing trend. Organizations need to take action and devise an appropriate security strategy and should formulate policies taking into account all the attack vectors and resulting risks to the infrastructure. The policies should be constantly upgraded and renewed, and monitoring should be done regarding the use of and company exposure on the social networking sites. Controls and measures should be implemented with effect in spreading awareness among the employees, updating them with the threats and the risks that arise with the developing technology.
- Bush, M. 2010. The Cult of Toyota, Advertising Age.[online] Available at: http://adage.com/article/news/social-media-cult-toyota/142335/ [Accessed 22 March 2011]
- Carfi, C. and Chastaine, L. Social Networking for Businesses and Associations. Cerado.[online] Available at: http://www.cerado.com/download/Cerado-Haystack-Executive-Briefing-Social-Networking-for-Businesses-and-Associations.pdf [Accessed 25 March 2011]
- Chew, M. Balfanz, D. and Laurie, B. 2008. Undermining Privacy in Social Networks.[online] Available at: http://w2spconf.com/2008/papers/s3p2.pdf [Accessed 25 March 2011]
- DiMicco, J.M. and Millen, D.R. 2007. Identity management: multiple presentations of self in Facebook. Proceedings of the 2007 ACM conference on supporting group work.Florida, USA. ACM, pp. 383-386.
- Fogel, J. and Nehmad, E. 2009. Internet social network communities: Risk taking, trust, and Privacy concerns.Computers in Human Behavior,vol. 25, pp. 153-160.