Will Facebook Survive the Next 10 Years - Essay Example

International Risk Management - Will Facebook Survive the Next 10 Years? - Number and Number of Submission Number of Words: 2,532 Introduction In February 2004, Facebook was launched as a social networking site that allows its active users to get in touch with friends. By creating a personal profile, Facebook users could easily locate old and new acquaintances. Since Facebook was designed to be user-friendly, the company managed to become one of the most highly recognized social networking sites around the world. As of July 2010, the company managed to create more than 500 million active users worldwide (Zuckerberg, 2010). As part of determining whether or not Facebook will survive 10 years from now, this essay will provide the readers with insightful map to explain the firm’s business model followed by discussing its strengths and vulnerabilities as a globally known social network. In the light of the business model, risk factors that Facebook is currently exposed to will be identified. Eventually, the underlying drivers behind the company’s current risk factors will be tackled in details. This information is useful in terms of enabling the company forecast its future risks. This essay will also examine the appropriateness and effectiveness of Facebook’s risk management strategies in terms of making the company survive the global challenges of social networking sites 10 years from now. In order to prevent the development of potentially new risks as a result of implementing the company’s current risk management strategies, some of the recommended proactive and holistic risk management strategies which can be used in allowing the company monitor and manage its risk exposure will be tackled in details. Facebook’s Business Model Although Mark Zuckerberg – the founder of Facebook admits that the company is still searching for a business model that will enable the company have a clear path to profitability (Manjoo, 2008), the business model of Facebook seems to be based on network effects business model. It means that the company is using networking effect by inviting individuals more than 13 years old to register with the social networking website. In line with this, the higher the number of individuals who register with Facebook would mean an increase the company ability to earn from investment value and advertising gains. Since the goal of Facebook is to increase the number of its online users, the company decided to include Digg in its new business model (ONeil, 2010). According to Nicole Ozer – technology and civil liberties policy director for ACLU of Northern California, “Facebook is in the business of making money, not protecting privacy” (Swartz, 2010). In exchange of the free networking service Facebook is offering is ad harrassment. In other words, the private information gathered from Facebook users are used in increasing the accuracy of target advertisements. To give advertisers and sellers the opportunity to learn about the users’ preferences and online behaviour, the business model of Facebook is focused not only in creating reasons for people around the world to use the social networking site but also convincing people to make their personal information widely available and accessible online (Swartz, 2010). Strength and Vulnerability of Facebook’s Business Model Today, the number of Facebook users is close to 500 million (Swartz, 2010). In line with this, the investment value of Facebook is estimated to be $15 billion because of the company’s ability to gather more than 100 million regular users around the world (Manjoo, 2008). As a result of being able to gather millions of active users, the company is able to earn revenues from selling its virtual goods such as $1 for Facebook birthday cake and other self-service ads. Back in 2009, eMarketer reported that Facebook earned $230 million which is 20.2% higher than its revenue back in 2008 (eMarketer, 2009). After talking to several sources, Papworth (2009) revealed that the company is expected to earn roughly $550 million at the end of 2009 ($125 million on brand ads, $150 million on Facebook’s ad deal with Microsoft, $75 million on virtual goods, and $200 million on self-service ads). Because of the continuous growth in the number of Facebook users, the company is expected to raise almost $1 billion by the end of 2010 (Swartz, 2010). Koobface worm is a type of computer worm that gathers sensitive information like password, credit card numbers, addresses, and phone numbers from Facebook, MySpace, and other social networking sites (Keizer, 2009). Similar to koobface, botnet and malware increases the vulnerabilities of web browsers to worms, viruses, spyware, adware, scareware, crimeware, and Trojan horses which could infect the PC logs (Damballa, 2010; Skoudis & Zeltser, 2004, p. 2). Since the business model of Facebook is focused on attracting the users to share their personal information in public, the users are highly vulnerable of becoming a victim of the Koobface worm, botnet and malware (Sizemore, 2010; Swartz, 2010). As a result, the victims of cybercrimes are expected to lose their sensitive personal information aside from receiving spam messages that are malicious in nature. In worst cases, young adolescents who are active users of social networking sites are at risk of becoming a victim of cyber bullying or cyber terrorism (Donahue, 2010). In the case of private institutions, users of social networking sites like Facebook increase the companies’ risk of security data breeches (Sizemore, 2010). Because of the negative consequences associated with the use of social networking sites, there is a growing scrutiny about Facebook users’ privacy and security. With the use of social networking sites like Facebook, there is an increase in the number of individuals who has been a victim of cybercrime. Because of political and religious controversy, the use of Facebook is banned in many countries including: China, Iran, North Korea, Pakistan, Syria, Vietman, and Uzbekistan (Cooper, 2010; MacDonald, 2009; Damascus, 2008; Shahi, 2008). Specifically in Ontario, government workers are prohibited in accessing Facebook website using government computers (Benzie, 2007). Government intervention could also increase the company’s vulnerability of decreasing the number of Facebook users. To protect the people from becoming a victim of cybercrime, countries all over the world have been increasing the use of legislative orders to strengthen the law behind computer crimes. In line with this, UK and US cybercrime laws were based on tort of trespass and legislation of fraud accordingly (Leyden, 2008). In fact, the European Commission in European Union is now proposing for a new cybercrime legislation which will be applied to all member countries (EurActiv, 2010). With close to 300 million internet users, China is in the process of developing its cybercrime legislation as of May 2009 (Science Daily, 2009). Current and Future Risk Factors of Facebook As the top three brands next to Google and Yahoo (Parr, 2010), Facebook is facing serious platform issues with regards to users’ privacy and security matters. To maintain its position as the top three company that has the most number of user traffic, it is necessary to identify and determine the risk factors that could lead to the possible decline in Facebook’s popularity. Since the growing public concern about their personal privacy and security can be a threat to the business objectives and goals of the company, Facebook management should develop strategic ways on how to protect its users from cyber crimes and terrorist attacks. On the other hand, social networking sites like Facebook earns revenue by using the private information of its users for target marketing purposes. Given that a social networking company is focused on social media marketing, one of the major risk factors that Facebook is currently facing is the inability of the company to balance the importance of protecting its users’ privacy and security and the need to monetize behind the growing social network (Alang, 2010). Admitted by Mark Zuckerberg – the founder of Facebook, the company is still in the process of searching for business models that will enable the company have a clear path to profitability (Manjoo, 2008). Another major risk factors that could hinder the company’s future growth is the absence of a business model. Normally, a business model guides the business owners and top executive management in terms of developing effective business strategy the will increase the company’s competitive advantage against its competitors. Since Facebook does not have a specific business model that could guide the company to increase its profitability, the top management of Facebook is at risk of developing ineffective business strategy in the future. Aside from the lack of specific business model, the decision of Facebook not to experiment with other options could lead to a lot of opportunity loss on the part of the company. If Facebook decides to implement a new pay model, it is expected that a large group of Facebook users will protest and decide to shift to the use of other social networking sites that offers free networking services. Although the implementation of this particular business model will not only make Facebook lose a large sum of revenues from brand ads, ad deal with Microsoft, sale of virtual goods, and self-service ads but also decreases the company’s investment value; the company should also consider the possible income for adopting the pay model. In case only 5% of the Facebook’s regular users are willing to pay $5 access fee each month, the company will earn additional $125 million each month or $300 million each year (Manjoo, 2008). External factor such as government intervention through the use of fiscal policy is a great threat over the success of Facebook. Given that the governments in different countries are already in the process of strengthening their cybercrime laws, there is a strong possibility that the number of Facebook users will be affected negatively. In worst cases, the increased risk wherein Facebook will be legally sued for the grounds of privacy invasion, security threats, and piracy is also possible. Underlying Drivers behind the Facebook’s Current and Future Risk Factors The history behind the development of Facebook website is sufficient to explain the underlying driver behind the company’s current risk factors. Founded by Mark Zuckerberg and his friends during the first quarter of 2004, the website was initially developed for the use of Harvard students before it was expanded to other colleges and universities in Boston area (Roeder, 2010). Since Facebook was developed only for the purpose of connecting students, the company managed to earn its popularity even without the use of a concrete business model. Facebook was developed mainly for the purpose of connecting people with their old and new friends. For this reason, the company website was created and developed without considering the laws behind privacy invasion, security threats, and piracy or illegal downloads of videos and other files. Appropriateness and Effectiveness of Facebook’s Risk Management Strategies Because of the growing public concerns about privacy and security, the company decided to think of possible ways on how to protect its users from becoming a victim of cybercrime and terrorism. As part of Facebook’s risk management strategies, the company recently announces its effort to clean-up and restore the trust of Facebook’s privacy and security by making its privacy setting simple to use (Swartz, 2010). By allowing Facebook users to have an access to online privacy page, the company discussed the importance and different ways to keep their personal information available and limited only to their close friends and relatives. Although this particular risk management strategy is effective in terms of minimizing the risk of Facebook users from being harmed physically, financially, or emotionally; focusing on the use of private settings alone cannot protect the users from unauthorized or illegal spreading of their personal and sensitive information. Since there is a wide-spread of computer viruses such as Koobface worm, botnet and malware among others (Sizemore, 2010; Swartz, 2010), Facebook management should develop a more effective technical risk management strategies to protect its users from abusive cyber attackers. Recommended Proactive and Holistic Risk Management Strategies that will allow Facebook Monitor and Effectively Manage its Risk Exposure To increase the effectiveness of Facebook’s risk management strategies, the company should consider not only the importance of data protection, perimeter, and compliance. It is possible for Facebook to identify, monitor, and protect its users’ data from private online hackers by making use of data loss prevention (DLP) software (Sizemore, 2010). Since the use of DLP is limited in terms of protecting Facebook users from malicious vulnerabilities because of the complex integration of secured websites, the company should consider other forms of risk management strategies including the use of Web application firewalls (WAFs), intrusion prevention system (IPS), and intrusion detection systems (IDS) or leverage on some consolidated devices to mitigate the company’s data exposure to unauthorized viewers (Sizemore, 2010; Scarfone & Mell, 2007). For example: Given that Facebook’s IPS tool reported a discovery of breach or illegal use of the website, the company should immediately develop effective strategies that could counteract the threat to its users. Each day, there is a very fast development in the use of computer and internet technology. Since the development of computer technology is constantly changing, there is a strong need for Facebook to constantly update its security perimeter infrastructure (Sizemore, 2010). This strategy is useful in terms of protecting the users from newly developed computer viruses. Likewise, there is still a need for Facebook to educate its users regarding ways on how to protect themselves from people they do not personally know (Sizemore, 2010; Swartz, 2010). To avoid facing legal charges in the future, Facebook should comply with the universal guidelines and regulatory requirements set by PCI regulations on how to protect the users’ credit card data from data hackers and illegal use (PCI Security Standards Council, 2010; Sizemore, 2010). By being accountable for the security and safety of its users’ personal information, Facebook as a social networking site can survive the business by 2020. Conclusion As a social networking site, Facebook has been successful in terms of increasing the number of its active users. Despite the company’s success in social networking business, Facebook is facing challenges associated with privacy and security dilemmas. There are many ways in which the company could effectively counteract the negative business consequences of public scrutiny. First, the company should not only be focused on setting a clear business model but also develop and implement effective current and future risk strategic plans. Although developing a clear business model is useful in terms of guiding the company with the development of its future business strategies, it is necessary for Facebook management to consider its current and future risk factors to ensure that the company will remain strong 10 years from now. Since maintaining the users’ privacy and security is one of the major concerns of Facebook users, the company should exert an effort in protecting the users’ data from computer hijackers. In line with this, Facebook computer engineers should apply different technical strategies such as the use of DLP, WAFs, IPS, and IDS to minimize the risk of data intrusion. Given that the company is able to track down intruders, Facebook management should immediately search for evidences which can be used in filing legal cases against online invaders. Aside from teaching the users on how to protect themselves with the use of privacy option tools, the company should comply with the universal guidelines and regulatory requirements set by authorized agencies such as the PCI security standard council. *** End *** References Alang, N. (2010, May 28). Retrieved October 31, 2010, from Were Not Fooled: Ignoring Privacy Is Facebooks Business Model: http://www.techi.com/2010/05/were-not-fooled-ignoring-privacy-is-facebooks-business-model/ Benzie, R. (2007, May 3). The Star. Retrieved October 30, 2010, from Facebook banned for Ontario staffers: http://www.thestar.com/News/article/210014 Cooper, C. (2010, May 19). CBS News. Retrieved October 30, 2010, from Pakistan Bans Facebook Over Muhammad Caricature Row: http://www.cbsnews.com/8301-501465_162-20005388-501465.html Damascus. (2008, July 24). The Economist. Retrieved October 30, 2010, from Red lines that cannot be crossed. The authorities don’t want you to read or see too much : http://www.economist.com/node/11792330?story_id=11792330 Damballa. (2010, March 2). Retrieved October 30, 2010, from Report: The Command Structure of the Operation Aurora Botnet: History, Patterns, and Findings: http://www.damballa.com/research/aurora/ Donahue, P. (2010). The Online Mom. Retrieved October 30, 2010, from Risk Factors for Cyberbullying: http://www.theonlinemom.com/secondary.asp?id=965 eMarketer. (2009). Retrieved October 30, 2010, from In Papworth L. (2009) "Monetization: Facebook Revenue and Business Model": http://www.socialmediatoday.com/SMC/109050 EurActiv. (2010, August 19). Retrieved October 30, 2010, from Policing the Internet?: http://www.euractiv.com/en/infosociety/policing-internet-linksdossier-496811 Harrabin, R. (2009, February 13). BBC News. Retrieved October 25, 2010, from Q&A: Professor Phil Jones: http://news.bbc.co.uk/2/hi/8511670.stm Keizer, G. (2009, March 2). Computer World. Retrieved October 30, 2010, from Koobface worm to users: Be my Facebook friend. New variant steals log-in credentials for Facebook, MySpace, other social networking sites: http://www.computerworld.com/s/article/9128842/Koobface_worm_to_users_Be_my_Facebook_friend?intsrc=news_ts_head Leyden, J. (2008, September 30). The Register. Retrieved October 30, 2010, from UK cybercrime overhaul finally comes into effect. DDoS doubly illegal from 1 October: http://www.theregister.co.uk/2008/09/30/uk_cybercrime_overhaul/ MacDonald, E. (2009, July 8). ABC News. Retrieved October 30, 2010, from Chinas Facebook Status: Blocked: http://blogs.abcnews.com/theworldnewser/2009/07/chinas-facebook-status-blocked.html Manjoo, F. (2008, November 2). Financial Post. Retrieved October 30, 2010, from A new business model for Facebook: http://www.financialpost.com/executive/story.html?id=929269 ONeil, N. (2010, March 30). All Facebook. Retrieved October 29, 2010, from Facebook Squeezes Digg into a new Business Model: http://www.allfacebook.com/facebook-digg-business-2010-03 Papworth, L. (2009, July 13). Social Media Today. Retrieved October 20, 2010, from Monetization: Facebook Revenue and Business Model: http://www.socialmediatoday.com/SMC/109050 Parr, B. (2010, February 16). Retrieved October 30, 2010, from Facebook Is the Web’s Ultimate Timesink [STATS]: http://mashable.com/2010/02/16/facebook-nielsen-stats/ PCI Security Standards Council. (2010). Retrieved October 31, 2010, from PCI SSC Data Security Standards Overview: https://www.pcisecuritystandards.org/security_standards/index.php Roeder, L. (2010). About.com. Retrieved October 30, 2010, from Where Did Facebook Come From? The History of Facebook: http://personalweb.about.com/od/makefriendsonfacebook/a/whatisfacebook_5.htm Scarfone, K., & Mell, P. (2007, February). National Institute of Standards and technology. Retrieved October 31, 2010, from Guide to Intrusion Detection and Prevention Systems (IDPS). Recommendations of the National Institute of Standards and Technology: http://csrc.nist.gov/publications/nistpubs/800-94/SP800-94.pdf Science Daily. (2009, May 11). Retrieved October 30, 2010, from Stopping Chinese Cybercrime: http://www.sciencedaily.com/releases/2009/05/090507055702.htm Shahi, A. (2008, July 27). Daily News Egypt. Retrieved October 30, 2010, from Iran’s digital war: http://dailystaregypt.com/article.aspx?ArticleID=15313 Sizemore, J. (2010, June 14). CIO Update. Retrieved October 30, 2010, from Examining the 4 Areas of Business Social Networking Risk: http://www.cioupdate.com/insights/article.php/3887541/Examining-the-4-Areas-of-Business-Social-Networking-Risk.htm Skoudis, E., & Zeltser, L. (2004). Malware: Fighting malicsious code. Pearson Education, Inc. Swartz, J. (2010, June 16). USA Today. Retrieved October 30, 2010, from Facebook’s business model calls for wiping out privacy: http://lastwatchdog.com/facebooks-business-model-hinges-wiping-privacy/ Urdan, T. C. (2005). Statistics in plain English. Lawrance Erlbaum Associates, Inc. Zuckerberg, M. (2010, July 22). Facebook. Retrieved October 29, 2010, from 500 Million Stories: http://blog.facebook.com/blog.php?post=409753352130 Read More