smalbany 2013 people hacking with social media 07 13
DESCRIPTION
smAlbany 2013 presentation http://ww.smAlbany.orgTRANSCRIPT
![Page 1: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/1.jpg)
People Hacking
with Social Media
Reg Harnish, CISSP, CISM, CISA Chief Security Strategist
GreyCastle Security
November 15, 2012
![Page 2: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/2.jpg)
Copyright NBC All Rights Reserved
![Page 3: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/3.jpg)
• Who am I?
• Who is GreyCastle Security?
• What are we doing here?
Introduction
![Page 4: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/4.jpg)
Social media security challenges
![Page 5: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/5.jpg)
![Page 6: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/6.jpg)
![Page 7: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/7.jpg)
![Page 8: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/8.jpg)
![Page 9: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/9.jpg)
![Page 11: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/11.jpg)
![Page 12: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/12.jpg)
People are not awesome Copyright Universal Pictures All Rights Reserved
![Page 13: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/13.jpg)
People who care: here
they are
![Page 14: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/14.jpg)
Compliance regulations
![Page 15: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/15.jpg)
Social media horror stories
![Page 16: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/16.jpg)
![Page 17: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/17.jpg)
![Page 18: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/18.jpg)
![Page 19: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/19.jpg)
Social media security solutions
![Page 20: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/20.jpg)
1. Operationalize security
![Page 21: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/21.jpg)
2. Implement
a policy
![Page 22: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/22.jpg)
3. Train relentlessly
![Page 23: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/23.jpg)
4. Test relentlessly
![Page 24: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/24.jpg)
“Everybody has a plan
until they get punched in
the face.” – Mike Tyson
5. Plan for the worst
![Page 25: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/25.jpg)
Final thought
![Page 26: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/26.jpg)
![Page 27: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/27.jpg)
27
![Page 28: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/28.jpg)
Social Media: Old Rules, New Game
![Page 29: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/29.jpg)
About Dowling Law, PLLC
• Dowling Law, a labor and employment boutique firm,
provides strategic legal advice and representation to
private-sector employers in Tech Valley and across New
York State.
• Joanmarie M. Dowling, Esq., is an attorney and founding
member of Dowling Law. Joanmarie counsels and
represents employers of all sizes, with a special focus on
small to mid-size companies and not-for-profit employers.
Joanmarie also currently serves as Vice President of the
Capital Region Human Resource Association.
![Page 30: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/30.jpg)
![Page 31: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/31.jpg)
The Applicant
You are about to hire a new
salesperson.
Before you make an offer,
should you:
conduct an internet search
for the applicant’s name and
background information?
check the applicant’s
Facebook, LinkedIn, and
other accounts?
request the applicant’s
social media account user
names and passwords?
![Page 32: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/32.jpg)
The Salesperson
One year later, your assistant informs you that your
salesperson recently set up a website with your
company’s name and logo prominently displayed.
On that website, he has been complaining about your
company and its commission plan - and insulting
your management style as “boorish” and
“incompetent.”
![Page 33: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/33.jpg)
The Salesperson Strikes Again
This same salesperson has been
posting derogatory comments about
your assistant on his Facebook
page.
She believes he is retaliating against
her because she refused to go out
with him.
![Page 34: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/34.jpg)
On the Way Out the Door
Before you even had an opportunity to speak with your salesperson, you
receive a terse email from him, advising you that he is leaving your
company effective immediately. You breathe a sigh of relief… but your
relief is short-lived.
The next day, you see that your former salesperson is soliciting your clients
for a competitor, using LinkedIn contacts and Twitter followers you helped
him develop while he was your employee.
Are those contacts and followers property of your company?
Would communication to these contacts violate your former
salesperson’s noncompetition and nonsolicitation agreement?
![Page 35: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/35.jpg)
35
![Page 36: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/36.jpg)
Social Media: Old Rules, New Game
![Page 37: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/37.jpg)
About Dowling Law, PLLC
Dowling Law, a labor and employment boutique firm, provides
strategic legal advice and representation to private-sector
employers in Tech Valley and across New York State.
Joanmarie M. Dowling, Esq., is an attorney and founding member
of Dowling Law. Joanmarie counsels and represents employers of
all sizes, with a special focus on small to mid-size companies and
not-for-profit employers. Joanmarie also currently serves as Vice
President of the Capital Region Human Resource Association.
![Page 38: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/38.jpg)
![Page 39: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/39.jpg)
The Applicant
You are about to hire a new
salesperson.
Before you make an offer, should
you:
conduct an internet search
for the applicant’s name
and background
information?
check the applicant’s
Facebook, LinkedIn, and
other accounts?
request the applicant’s
social media account user
names and passwords?
![Page 40: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/40.jpg)
The Salesperson
One year later, your assistant informs you
that your salesperson recently set up a
website with your company’s name and logo
prominently displayed. On that website, he
has been complaining about your company
and its commission plan - and insulting your
management style as “boorish” and
“incompetent.”
![Page 41: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/41.jpg)
The Salesperson Strikes Again
This same salesperson has
been posting derogatory
comments about your
assistant on his Facebook
page.
She believes he is
retaliating against her
because she refused to go
out with him.
![Page 42: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/42.jpg)
On the Way Out the Door
Before you even had an opportunity to speak with your salesperson, you receive a
terse email from him, advising you that he is leaving your company effective
immediately. You breathe a sigh of relief… but your relief is short-lived.
The next day, you see that your former salesperson is soliciting your clients for a
competitor, using LinkedIn contacts and Twitter followers you helped him develop
while he was your employee.
Are those contacts and followers property of your company?
Would communication to these contacts violate your former salesperson’s
noncompetition and nonsolicitation agreement?
![Page 43: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/43.jpg)
Social Media Security November, 2012
Social Media Security and Human Resources
Pinnacle Human Resources, LLC
![Page 44: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/44.jpg)
Social Media Security November, 2012
About Pinnacle Human Resources, LLC
Pinnacle’s staff is comprised of certified Senior Professionals in HR (SPHR) from the Certification Institute in Princeton, NJ and Masters in Education. Pinnacle employes over a dozen HR Professionals plus partners within a network of independent consultants to increase bandwidth.
Rose Miller is the President of Pinnacle Human Resources with over 25 years experience in strategic human resources management. Rose recently was awarded HR Leader of the Year from the Albany Chapter of the Society of Human Resources Management (SHRM)!
Rose Miller, SPHR/Owner [email protected]
7 Century Hill Drive, Latham, NY 518-486-8151
www.pinnaclehrllc.com
![Page 45: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/45.jpg)
Social Media Security November, 2012
Changes in the Workplace
Technology & Social
Media has Changed the
Way We Work
Pros and Cons
![Page 46: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/46.jpg)
Social Media Security November, 2012
Management Concerns
New Policies Need to be
Developed
Multi-generational Issues
Answers May Be Complicated
or Not Yet Available
![Page 47: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/47.jpg)
Social Media Security November, 2012
Company Facebook
– Car Dealership
• The salesman, the cashier
and a third party on
![Page 48: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/48.jpg)
Social Media Security November, 2012
The Importance of Employee Communications
The result of poor communications
– Architect Firm
• What happens when
terminations are not
explained properly
– Engineering Firm
• Misuse of Smartphone, skype,
and email equal harassment
![Page 49: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/49.jpg)
Social Media Security November, 2012
Supporting Technology, Communications & Social Media Policies
Reading and Understanding Policies
Communicating Expectations- No Privacy
Background Checks and Monitoring Social Sites
Reporting Claims and Supporting Claims
Developing Performance Measures
Recording Hours Worked
Checking for Abuse of Technology
Collection of Signed Acknowledgements
![Page 50: smAlbany 2013 people hacking with social media 07 13](https://reader033.vdocuments.mx/reader033/viewer/2022042814/5550a2bcb4c90590208b4d9e/html5/thumbnails/50.jpg)
Social Media Security November, 2012
Effective Supervision
Being a Good Example
Communicating Policies
and Following Procedures
Communicating Standards
Monitoring Performance
Training