There is an inherent conflict between physical security concepts and the basic theme of most social networking services. For the average user the conflict is minimal, but for security professionals it can feel almost unnatural to share information about ourselves in that kind of medium. Facebook, LinkedIn, Twitter and other services are amazing tools for social and professional networking. But, like most tools the benefit you get out of them has a lot to do with what you put into them. That includes a degree of personal information, and for many - an uncomfortable trip into the uncharted waters between your personal and professional life.
In a lot of ways, this is the same difficult learning process people over the age of 30 are going through as "friend lists" start shifting from mostly personal relationships and a few professional friends to a more balanced mix of personal and professional contacts. At some point, they have to find the happy medium where they can get the valuable benefits of being candid - without risking safety or professional status.
Looking at this from a global perspective, I think social media, networking and Web 2.0 in general could bring about an important change in the corporate landscape. People will learn how to fuse professional and personal relationships in ways that were unheard of before. The end result should be refreshing honesty and candor bleeding into what most people consider a huge rift between the two worlds.
In the security field, we are constantly warning people about publishing sensitive information that can be used against them. We've all seen cases of cyber-stalking and harassment but worry about more serious crimes against our clients/staff/friends. Of course there are security features available and privacy partitions between what you'd like to be public and private information. But since most people don't understand how these things work, they are not always used property - and sometimes not at all.
I've pulled together some observations on a few of the popular mediums. Being a shade-tree sociologist and old-school technology geek I've checked into many of the services out there. Being a security professional, I've applied that point of view to hopefully come up with information that's useful to other security professionals. Starting with Facebook, I soon realized there is no way to cover everything in one post (at least one that can be absorbed in one sitting). So, this will be a multi-part piece so I can focus on each piece and drill down on the good stuff. It also gives readers a chance to chime in with any thoughts or requests for specific networks or services.
And as a bonus, I've reached out to my contacts in the security industry who participate in social media to ask if they would mind if I listed their accounts as part of this total series. Hopefully, after I cover a service I will be able to list some security professionals who use it as well. If you'd like to be listed, let me know.
If all goes well, it should look like this:
Part #2 - Facebook and Myspace
Part #3 - Twitter
Part #4 - LinkedIn
Part #5 - Social Media and Cloud Computing
