16th May 2017
Is Facebook leaving your business open to cyber security threats?

Is Facebook fun risking your business?

Who have you seen live in concert? What is your pornstar name? Where were you born? These may all seem like innocuous enough questions – something to pass the time, get to know your Facebook friends better or a bit of a laugh – but have you considered the type of information you are sharing with the world when you participate in these games on social media? The BBC has reported warnings that the recent Facebook craze of comparing lists of the top 10 concerts you have attended could actually be putting your data privacy and cyber security at risk.

Think about it, some organisations ask about the first gig you attended when you set up online banking and similar private accounts. Similarly, your mother’s maiden name and the name of your first pet (used to create your “pornstar” name) are also common identity authentication questions. Sharing this information online with a group of people (many of whom you barely know) is not bright and it could be making your personal finances and the future of your business vulnerable to hackers.

University of Surrey’s Prof Alan Woodward agrees that people should be cautious with the information they are putting out there, a standpoint the Switch2IT team continues to champion in the name of IT security. He believes that cyber criminals were not the brains behind the recent concert question phenomenon although warns that they are opportunists and games such as this, which reveal private information about their contestants and become so popular among the masses, are likely to be advantageous to them. 

By contrast, Prof Angela Sasse, director of the UK Research Institute in Science of Cyber-security, makes a good point that the companies using such questions as security credentials are the ones in the wrong rather than those taking part:

"Companies are violating the security principle that the way of authenticating people should be private – such as a password or pin number – rather than something that is publicly available."

What baffles us is that the human race has reached enough technological advancement to launch a rocket that lands on a drone ship but we still rely on question based authentication, which causes so many cyber security issues. At the very least, two-factor authentication is the way forward, as we have said before.

How to improve cyber security

Ramping up your Facebook privacy settings (which are confusing and as changeable as the British weather) and being selective about who you accept friend requests from is not the answer to protecting your data fully, although both are advisable. Those with 1000 Facebook friends increase the odds of an IT security breach – it only takes the account of one “friend” to get compromised and then everyone connected is in trouble!

Cyber criminals are clever and you can never be certain that you are talking to Cousin Bob or your next door neighbour. Your account could be hacked, the account of a friend could be cloned and you may even, unwittingly, allow third parties such as apps access to your information. However, Facebook offers some sound advice for self-preservation:

  • Protect your password
  • Use Facebook's security features
  • Make sure your email account(s) are secure
  • Log out of Facebook when using a shared computer
  • Run anti-virus software on your computer
  • Think before you click or download anything

Prof Woodward also offers good advice on how to improve IT security for you and your business:

"People should also use a password manager that will generate proper strong passwords which will also mean they are not using the same password for their accounts.

"The best password is one you can't remember."

Switch2IT’s technical support experts can offer plenty more advice on how your business can keep cyber security threats at bay. For those businesses in need of a cyber security audit, we offer IT project management and IT consultancy services that will help to identify potential issues and put your business back on the right track.

To stay on the right track and maximise the productivity of your business without any cyber security set-backs, our managed service IT support contract, with the benefit of a dedicated technical engineer and excellent telephone and email support, is the ideal solution. Contact us today for more information about our services or to request a quote

Latest News

24th November 2017
Significant technological innovation, from India to Sussex

Are you confident that the UK government is putting enough effort and investment into the security of British business? Do you think other countries are leaps and bounds ahead, moving towards safe and successful futures? Switch2IT explores whether more could be done to strengthen our cyber security and infrastructure in order to make a significant ...

Read More >
12th October 2017
Cyber Security: The Good, the Bad and the Ugly

Cyber Security: The Good, the Bad and the Ugly From tides of positive change via the IT networking bods at Netgear to despair in the tiresome encryption debate to undignified squirming from Microsoft about paying their taxes, this month Switch2IT explores the Good the Bad and the Ugly from the IT security and technology industries.   Gettin...

Read More >
22nd September 2017
Switch2IT says On Your Bike to data breaches like Equifax

On Your Bike, Data Breaches! There has been so much news about data breaches just lately that it is unreal – at least, the Switch2IT team wishes it was. The latest reports reveal that the Equifax data breach was a lot worse than first thought and that investigations into the extent of its impact are ongoing. As well as 143 million Americans...

Read More >
25th August 2017
The complexities of UK data protection law

Who does data protection law protect and what are the parameters?  The Information Commissioner’s Office (ICO) recently published a blog that caused a few eyebrows to rise among the Switch2IT team. Steve Eckersley ICO Head of Enforcement, who aims to “take purposeful risk-based regulatory action where obligations are ignored, exam...

Read More >