Monday, August 17, 2009

Malicious Facebook application

.
Facebook had it share of a limelight (http://www.scmagazineuk.com/Warnings-made-over-malicious-Facebook-application/article/146596/) following bad publicity that hit Twitter previously. The way I see it, Facebook developers can try to develop a more secure application that will make attacks such as those more difficult, but unless people change their attitude towards their own private information nothing will stop hackers from obtaining it and using it for their own benefit.
As an organisation that owns the data, you can deploy smart perimeter security devices (Web Application Firewalls, Intrusion Prevention Systems, Network Access Control, Content Inspection, etc.), anti-malware software on your servers, perform rigorous patching and even use behaviour inspection databases. But, unless you address the core of the problem, which is lack of security awareness, and educate users (be those internal employees, software developers or the actual consumers of your services) those will have only a limited impact on the level of the security.
Now, the real questions is whose responsibility is it, anyway? As a Facebook user myself, I would expect Facebook to tell me right from wrong...

No comments:

Post a Comment