Security of Social Networks - Essay Example

? SECURITY OF SOCIAL NETWORKS BY 07 August Security of Social Networks Introduction Social networks have already become an important element of our social routines. Social networking provides vast opportunities for developing and maintaining productive social contacts. Identity formation and social networking have become inseparable. It is through social networks that businesses successfully expand their market presence and clientele base. Everybody wants to be social. Educational institutions are no exception. More important is social networking to the staff and students of one and the same University – a well-designed social network has the potential to improve the quality of learning and bring teachers and students closer to the desired learning outcomes. Certainly, the idea to construct a University social network is not without controversy. Social networking is associated with a number of legal, ethical, and security controversies. Whether the existing networks are better than bespoke applications is yet to be defined. Simultaneously, it is imperative that the University develops a brief but comprehensive social networking policy, to guide the development and implementation of social networking applications and meet the University’s social media needs. Social networking: Legal, ethical, and security issues The explosion in social networking marks a new stage in the global evolution of technologies and media. Social networking is merely about technologies but about human interactions. For thousands of young people, creating and updating social network content is an important part of their daily routines and a driver of their identity formation (Livingstone 2008). It is through social networks that people create and reconstruct their identities and invite convergence among their daily activities and social networking technologies (Livingstone 2008). The most popular social networks, Facebook, Twitter, and MySpace attract millions of new users every day. Social networking is often believed to be a technological embodiment of the twenty-first century’s lifelogging (Terry 2010). In this sense, social networking can be legally defined as “the practice of using a web site or other interactive computer service to expand one’s business or social network” (Terry 2010, p.289). These web-based applications and solutions are used by individuals and groups to construct a public or semi-public profile, create and articulate connections with other users of the same network, and view and manage their own and their friends’ connections within the given social network (Terry 2010). The uniqueness of social networks is not only in that they allow for creating productive social connection but also that they make other social networks and connections visible to users (Terry 2010). Social networks enhance public connectivity and impose new social expectations on users. Needless to say, not all social network users are fair and honest. Social networking has far-reaching legal implications. Apart from unprecedented self-expression and community engagement opportunities, social networking enables and facilitates the main dangers of the Internet age. More specifically, social networks attract those who use them to download malware, spam, steal private information and use it in criminal schemes (Nelson, Simek & Foltin 2009). Therefore, social networking is equally a remarkable achievement and a serious threat to the future of Internet technologies. Nonetheless, most, if not all, these threats can be easily tackled by means of wise social network policies, sophisticated security protection, regularly updated software and hardware, and perfect understanding of the risks posed by social networks in the global online reality. Legal controversies. Social networking is surrounded by much legal controversy. At once, the concept of social networking lacks a single legal definition (Terry 2010). Most of what is currently known about social networks and their legal features is due to the hard work of judges and courts, which happened to consider the cases involving various social networking sites. Privacy remains a legal cornerstone in the development of productive and safe social networks. Privacy failures in social networks are turning into a matter of serious legal concern. The fact is in that few, if any, social network users ever think of their own security. Public profiles account for more than 70% of the total social networking space (Terry 2010). This is an alarming number, given that millions of Internet users come online with a definite purpose to “dig” into their friends or enemies’ lives. Furthermore, few people use privacy settings offered by social networks, simply leaving them at the default settings (Nelson, Simek & Foltin 2009). Social networks are becoming so pervasive, that even people on a jury in a court case sometimes use Facebook to trace how other members of the same jury would vote (Nelson, Simek & Foltin 2009). The quality and nature of the data uploaded and shared within social networks present another challenge. Social network postings can readily become an object of law enforcement scrutiny, with the user not even aware of being under surveillance and prosecution (Terry 2010). Sharedness of data sometimes undermines the validity of property rules (Terry 2010). In the meantime, social networking as a relatively new area of legal analysis provides a new venue for profit-making among lawyers, who use social network to mislead potential clients, create groups, and monitor what others are doing to find another source of profits (Terry 2010). Social networks are turning into a relevant source of criminal evidence (Nelson, Simek & Foltin 2009). Some organizations have even used social networks to advertise genetic testing services, which raises the questions of validation of genetic test results, objectivity of medical research used to interpret these findings, and ownership of genomic and health information (Resnik 2009). From the legal standpoint, no one really knows how to manage social networks. In legal terms, social networks look more challenging than beneficial to communities, including Universities. Coupled with ethical and legal controversies, social networking can become a serious threat to the University’s reputation. However, awareness of these challenges is the first step to dealing with these controversies with no harm to students and the staff. Ethics of social networking. Privacy is both an ethical and legal issue within the social networking field. For millions of users, being in a social network is equal to risk-taking, since no one knows for sure whether or not he (she) can disclose a certain amount of personal information to the public. Naturally, those with profiles open for viewing express greater concerns about strangers knowing what they do and think (Fogel & Nehmad 2009). More dangerous is the use of social networking at work: social networks allow for connecting with coworkers, advancing professional career, and campaigning for common projects, but professional social networks can become a perfect object of hunt by competitors (DiMicco et al 2008). Social networking makes the boundary between private and public increasingly blurred. YouTube, for example, undermines the relevance of conventional “privacy-publicity” meanings (Lange 2008). At times, users share the data which crosses the boundaries of ethical behavior, like child pornography. At other times, social network participants may easily disseminate the information they do not own, making it widely accessible to millions. Media scandals involving social networks like Facebook and YouTube have become very common. That most users, especially college students, misjudge the vulnerability and accessibility of personal information in social networks makes them potentially susceptible to the risks of unethical behaviors (Strater & Richter 2007). In many instances, individuals and organizations are not aware of the basic rules of social networking, due to their relative novelty and uniqueness. For example, libraries that want to use social networks to expand their outreach must be particularly careful in their information sharing decisions (Fernandez 2009). Eventually, there are no ethical codes designed to enhance the functionality of social networks. The situation is particularly difficult in colleges and universities, where administrators can read about student adventures, drinking and hanging out with friends, whereas student athletes use social networks to review other athletes’ profiles, before they decide whether to be on the team (Timm & Duven 2008). Here, balancing authority and privacy is the main ethical dilemma, and only a well-developed social network policy can help to prevent or at least minimize these risks. Social networking and security. Privacy, ethics, and legal implications of social networking are integrally linked to the matters of technological security. The 21st century drives technological advances in communication and socialization, creating a new challenge IT professionals must meet (Cain 2008). One of the main security issues is that social networks, servers, and social networking providers can accumulate, transmit, and use the information which users disclose within their networks (Lucas & Borisov 2008). Social networks exemplify enormous depositories of information about users (Lucas & Borisov 2008). Accidental data release, information made visible to unintended users because of poorly managed defaults, the use of private data for the purpose of marketing, by court order, and other can altogether become a serious threat to privacy and security in social networks (Lucas & Borisov 2008). Other security risks may include data pollution, accessing personal data by third parties, as well as defamation attacks (Cutillo, Molva & Strufe 2009). This is why developing a social networking platform is an excessively labor-intensive process, which requires time and effort and does not happen overnight. Creating a social network application: Existing vs. bespoke solutions Whether or not existing social networks are better than bespoke social network applications is a difficult question. Apparently, both options have their pros and cons. However, the specificity of university environments and the challenges it poses to social networking suggest that creating a bespoke application is a better alternative to the existing websites. Certainly, centralized social networks including Facebook and MySpace offer numerous benefits to their users. First, they are easily accessible from anywhere (Lucas & Borisov 2008). Second, their user bases are enormous and unique (Lucas & Borisov 2008). Third, they have already made significant investments in their infrastructure, being able to hide non-relevant technical information from users and displaying excellent usability features (Lucas & Borisov 2008). However, in case of a university, there is no need to access the network from anywhere: it is enough to have the social network available and accessible to users on campus. The proposed social network does not need extensive databases and user profiles. Simultaneously, it is always easier to predict and avoid possible security breaches, while designing bespoke social networking applications. Since most existing social networks work for profit and can easily sacrifice user privacy for the sake of increased revenues, only a bespoke application can create a real atmosphere of socialization without any trace of commercialism, unless the latter benefits students and faculty staff. Ultimately, most existing social networks are limited in their information dissemination capabilities – that is, age distribution is uneven; class divisions are obvious; and it is virtually impossible to unite all University students on the basis of the existing frameworks (Gomez, Gomez & Yardley 2006). Obviously, only a bespoke social networking application can help the University to achieve its main goals, which include: Confidentiality: given the importance of the data shared within the institution, a bespoke social networking application will guarantee that all interactions, processes, communication, contact requests and acceptances, and message exchanges will be confidential. Such bespoke application must be decentralized, with peer-to-peer techniques used to manage the information content within the network (Cutillo, Molva & Strufe 2009); Access control: a bespoke decentralized networking solution will allow for managing user accounts, based on users’ trustworthiness (Cutillo, Molva & Strufe 2009). A decentralized network will monitor each user separately: fortunately, due to the relatively small size of the educational institution, managing each account separately is neither burdensome nor costly; Authentication: only a bespoke networking application can protect the university from the risks of clone attacks, which are becoming more common with the most popular centralized networks (Cutillo, Molva & Strufe 2009). That a bespoke network is unique also means that it will be extremely difficult to create a clone; Availability: a bespoke networking application can be designed as a system of cooperating nodes which, on the one hand, do not provide service for unknown users and, on the other hand, can successfully prevent denial of service conflicts (Cutillo, Molva & Strufe 2009). Organizations and educational institutions have already realized the value of bespoke social networks. ResearchGATE is probably the most successful example of such networks, providing scientists from all over the world with unique networking opportunities (De Waal 2011). Such networks can serve a good role model for the University and a basis for developing a new, unique and extremely effective social networking application. Social Network security policy The Computer Services Department of the University of Glamorgan has a goal to protect users (students and the staff) and information content from the risk of intrusions and privacy breaches. This policy is designed to serve a guideline for the University social network users looking to become social network users. Media covered: all social networking applications used by students and the staff at the University premises, along with the equipment supporting the social network’s functionality – social network websites, community sites, emails and blogs, as well as integrated applications, chats, and forums. Policy coverage: all information published and shared within the system must be in compliance with the laws and university principles governing the issues of confidentiality and privacy. Users are obliged to disclose any information published on behalf of the University, and the source of this information. Users are obliged to report any instance of information leakage. Users are obliged to use secure connections and passwords. Passwords must not contain elements of the University name or any other credentials. All users subscribed to the social network must have standard anti-malware applications, use a support browser, have filters against malicious content, and applications needed to run the social network effectively. Users must understand that the University monitors all processes and decisions within the social network, through content approval. The social network technologies will monitor all information and data uploaded to the social media applications. This social networking policy will be further supported by the University’s ethical and legal confidentiality guidelines and technical policies/ requirements. The policy will be regularly updated, to meet the changeable demands of social networking. Conclusion Social networks have already become an important element of our social routines. Social networking provides vast opportunities for developing and maintaining productive social contacts. Identity formation and social networking have become inseparable. It is through social networks that businesses successfully expand their market presence and clientele base. Social networking is surrounded by much legal controversy. Social networking makes the boundary between private and public increasingly blurred. Since most existing social networks work for profit and can easily sacrifice user privacy for the sake of increased revenues, only a bespoke application can create a real atmosphere of socialization without any trace of commercialism. only a bespoke social networking application can help the University to achieve its main goals, which include confidentiality, access control, authentication, and network availability. References Cain, J 2008, ‘Online social networking issues within academia and pharmacy education’, American Journal of Pharmaceutical Education, vol.72, no.1, pp.pp.1-7. Cutillo, LA, Molva, R & Strufe, T 2009, ‘Privacy preserving social networking through decentralization’, Proceedings of the Sixth International Conference on Wireless On-Demand Network Systems and Services, New Jersey, pp.1-8. De Waal, M 2011, ‘ResearchGATE: Revolutionizing social networking for scientists’, [online], Daily Maverick, accessed from http://dailymaverick.co.za/article/2011-01-11-researchgate-revolutionising-social-networking-for-scientists DiMicco, J, Millen, DR, Geyer, W, Dugan, C, Brownholtz, B & Muller, M 2008, ‘Motivations for social networking at work’, IBM Research CSCW’08, San Diego, pp.711-720. Dwyer, C, Hitz, S & Passerini, K 2007, ‘Trust and privacy concern within social networking sites: A comparison of Facebook and MySpace’, Americas Conference on Information Systems, Colorado, pp.1-12. Fernandez, P 2009, ‘Online social networking sites and privacy: Revisiting ethical considerations for a new generation of technology’, Library Philosophy and Practice, March, 1-10. Fogel, J & Nehmad, E 2009, ‘Internet social network communities: Risk taking, trust, and privacy concerns’, Computers in Human Behavior, vol.25, pp.153-160. Gomes, EL, Gomez, HL & Yardley, J 2005, Social networking: An astronomer’s field guide, Cardiff University. Lange, PG 2008, ‘Publicly private and privately public: Social networking on YouTube’, Journal of Computer-Mediated Communication, vol.13, pp.361-380. Livingstone, S 2008, ‘Taking risky opportunities in youthful content creation: Teenagers’ use of social networking sites for intimacy, privacy and self-expression’, New Media & Society, vol.10, no.3, pp.393-411. Lucas, MM & Borisov, N 2008, ‘flyByNight: Mitigating the privacy risks of social networking’, WPES’08, Virginia, USA. Nelson, S, Simek, J & Foltin, J 2009, The legal implications of social networking, Sensei Enterprises Inc. Resnik, DB 2009, ‘Direct-to-consumer genomics, social networking, and confidentiality’, American Journal of Bioethics, vol.9, no.6, pp.45-46. Strater, K & Richter, H 2007, ‘Examining privacy and disclosure in a social networking community’, Symposium on Usable Privacy and Security, Pittsburg, pp.1-2. Terry, NP 2010, ‘Physicians and patients who ‘friend’ or ‘tweet’: Constructing a legal framework for social networking in a highly regulated domain’, Indiana Law Review, vol.43, no.2, pp.285-342. Timm, DM & Duven, CJ 2008, ‘Privacy and social networking sites’, New Directions for Student Services, no.124, pp.89-103. Read More