Social Networking Will Create Havoc.

      In the beginning was the user, not extremely computer savvy, but knowledgeabe enough to sign in, and perform job functions. Those were the days when there was unintended security, security through ignorance, maybe. Interconnectivity was not compulsory. Dumb terminals and mainframes afforded centralized security. Networkers viewed the computer at work as just a big, boring tool. They couldn't wait to get away from these robotic beasts. Discussions about computers were painful, echoing the agony of working with them. I don't lament for the return of this almost mesozoic period but in my own twisted way I think we will silently wish that we could somehow revert to that period but without the rampant ignorance. We will just have to keep wishing.
     The world of networking is headed for an eruption that unfortunately will impact our everyday lives if not our very existence. Some may quickly label me a dispenser of doom or even a "fearmonger". I assure you I'm not. The reality is that we have created an environment that has handed so much power to the masses, those deserving and those who are not, that it is only logical that at some time we will have to revisit that ease of hand. Functionality is the order of the day, manufacturers are boastful about the kaleidoscope of networking
"can do's" on their products. Applications are being created on a daily basis. These applications, I opine, blurs the line between sanity and well...........you figure. I can't yet understand how someone can be entranced by yoville and farmville. I look at a friend and she is enraptured by these apps.
      Social networking is gonna be booming in 2010. It is stealthily approaching enterprise networks. at this point I will repeat what I have written in at least six articles. Lack of user training is gonna whup our behinds. There are still organizations that trivialize user awareness. Companies spend thousands of dollars on security devices, but has a minimalist mindset when the issue of user training is raised. The user of today is not far removed from the user of yesteryear. The only difference is they are, in many cases, not aware of the power at their disposal. It's like being able to load agun, shoot it but never seeing what happens on the other end.
Users Tweet, exchange stuff on Facebook and MySpace,they build their own lenses on Squidoo, create their own blogs, wikis and just about anything imaginable. The power of these untrained users can be unleashed on the cyber world with one download or mouse click.
     We have already seen compromises that were linked to some form of social networking. Let's face it, if a user is not aware of the personal security ramifications of posting information on these networks, can this user be trusted to use good judgement on an enterprise network? I read with contempt the posts of one person I know who relates everything about the network on which she works, ironically it is a public transportation company. I also suspect that posts are made while on the company's network. Are we to believe this individual will recognise a phishing attack? A non-tiring chatterbox like this is the premier target for a social engineering attack.
     Then there is the advent of false Twitter profiles being used to spread malware. OMG! Enterprise networks will be better served to address the need for user training, security policies that are enforced, acceptable use policies that are understood, yes, we need to harden our most intelligent line of defense, the user. If we continue to backshelf training, a hard lesson will have to be learnt. Network will suffer from downtime, availability will be longed for, integrity will be suspect and doors would be added after the house was broken into. The line between corporate networking and social networking cannot be blurred. We cannot put gasoline and a lighter in the hands of an uneducated child and hope there is no fire.