today: Tuesday 22.07.2014

Interview with Michalis Mavis, MSc, Telecom & IT Security Professional, Speaker during SMI’2011 (27 & 28 October, Marrakech)

 

What do you believe are the most exciting op­portunities for companies in using social media?

Online Social Networks (SN) or Social Networking Sites (SNSs) are one of the most remarkable technological phenomena of the 21st century, with several SNSs now among the most visited websites globally. According to the opinion of many experts in the field, next generation SNs will be the predominant application on the Internet substituting well known applications we use to communicate today, like email, MSN, web browsing, etc.

In addition to the benefits to SNSs members, they provide significant business value because of the marketing applications they offer. SNs are implementing a new communication model ‘the dialogue’ and the fact that around 80% of the people trust the recommendations and opinions of other consumers provides a new dimension to advertisement. In this way SNs become a critical factor in the success or failure of any business.

SNs are offering new medium and extremely low cost opportunities to touch your customers, know your target market, interact with the consumers, get their opinion on your products and services, provide targeting advertisement to your network and find new avenues to market your products.

 

What is your opinion about mobile social networking?

The social networking phenomenon has been widening in terms of users’ profiles involved, but is also evolving in relation to the way the audience itself can experience SNs. Besides traditional computer-based access, users are now able to access SNs through their mobile phones. Especially, with the use of new generation smart phones one of the most popular application is to contact SNs and manage your profile or contact your friend’s one, by using your mobile phone connected to the Internet, on a daily basis!

In what other applications social media may be used in the future ?

According to ENISA* (the European Network and Information Security Agency, based in Creta Greece), SNSs fulfil all the main criteria to qualify as mainstream Identity Management application, since they represent the world’s largest body of personal data. The biggest repository of personal images on the internet is not Flickr but Facebook (already with more than 30 billion images, while 14 million new images are uploaded every day). The largest number of personal profiles on the planet is held not in a government identity registry (at least not one we know about…) but in the data warehouses of the Social Networking providers – the likes of Facebook and Myspace.

Identity Management evolved from the experience that keeping personal data in one central location under the control of one large corporate provider is not only a bad idea from a security and scalability point of view but also tends to alienate users who, understandably, perceive such systems as a ‘Big Brother’. System architects and users prefer to store their personal data more flexibly and securely.

SNs provide many characteristics similar to Identity Management Systems since they provide:

  • Storage of personal data (including images and videos).
  • Tools for searching and managing personal data and how it is viewed.
  • Access control to personal data based on credentials. Recently they are offering low granularity access control (specific ‘friends’ may access specific parts of their profile).
  • Tools for finding out who has accessed personal data, etc.

For those reasons it is expected that SNs data will be used more and more in the future inter alia by various government agencies, lawyers, intelligence gathering agencies and various investigators.

 

What are the major risks and threats related to SNs ?

The growing popularity of SNs creates significant opportunities, but also exposes its users to security risks and threats.

The major risks are connected with identity theft, corporate data leakage and reputation, virus infection and propagation (by cross site scripting), phising attacks, but there are also other more sophisticated risks and threats, that we will analyse in the Morocco Conference (Oct 2011) like the ones listed below:

  • Content Based Image Retrieval (CBIR).
  • Digital dossier aggregation (profiles downloaded and stored by third parties)
  • Linkability from image metadata (tag images).
  • Profile squatting and reputation slander.
  • Cyberstalking and cyberbullying
  • Corporate espionage and others.

 

Taking into account the above mentioned important risks and threats what is your recommendation?

 

SNs is the future, that cannot be stopped. We should not discourage people and companies from using SNs in their daily life and business, but we should take all necessary measures to use them in the best way, so that they are providing benefits to our life and business activities.

SNs providers should take all necessary measures to offer higher level of security, by adopting open standards but also educate users about the opportunities and threats they may face when using SNs.

(*)  ENISA Position Paper, Security Issues and Recommendations, for Online Social Networks

 

About Michalis Mavis

Michalis Mavis has more than 30 years international experience in the Telecommunications and IT security sector. Michalis has successfully completed different assignments related to counselling and support regarding the ‘related risks’ associated with social networks for many international organisations (Greece, Lithuania, Armenia, Malaysia, United Arab Emirates….).

He has also held the position of security engineer for NATO in Belgium as well as other positions in project management for Eurescom (European Institute for Research & Strategic Studies in Telecommunications) in Germany.

http://gr.linkedin.com/in/mmavis

Written by