Posts Tagged ‘facebook’
Friday, August 31st, 2012
Every day I see yet another (often another dozen) situation where employees misused, abused or otherwise accused social media sites to the chagrin of their employers. Businesses need to make a coordinated effort, using a combination of policies, training and technology to mitigate the risks (to personnel as well as the business) of workers using social media sites. Today let’s consider what organizations should be telling their workers about social media information security and privacy. (more…)
Thursday, May 31st, 2012
A couple of weeks ago I was doing a consulting call about information security and privacy with a small startup business (one that, in a short span of time, is already performing outsourced cloud processing for a number of really huge clients). They had implemented just the basic firewall and passwords, but otherwise had no policies, procedures, or documented program in place. I provided an overview of the need for information security and privacy controls to be in place throughout the entire information lifecycle, from creation and collection to deletion and disposal. They were on board with everything I was describing until we got to (more…)
Thursday, May 17th, 2012
I was recently speaking with a friend on the phone, and she said, “I just had the most embarrassing thing happen! I had one of my Facebook friends send me a text teasing me about reading a rather sleazy article on TMZ. I did not know what she was talking about! So, I went to my Facebook page, and sure enough, down the timeline there was an article I had only briefly gone to the previous day after clicking a headline about moms on Google News and landed on a page I quickly got off of when I saw it. I was so embarrassed to see that my brief visit to the page had been posted on my Facebook page! I don’t even go to TMZ on purpose, why is Facebook suddenly tattling on me when it accidentally went there?” (more…)
Friday, March 23rd, 2012
In case you’ve not paid attention to the news in the past week, there has been a barrage of stories (over 1500 turned up in a quick online search) about organizations asking job applicants and employees for their Facebook, Twitter, LinkedIn and other social networking passwords. It’s a hot topic, folks! I’ve listed a bunch of them at the end of this post. Compelling password disclosure is a very bad idea for organizations, for many reasons. Here are six that should be compelling to business management: (more…)
Tuesday, January 24th, 2012
Social media sites are booming. The amount of personal information folks are choosing to post to them, such as photos, videos, original stories, thoughts, gossip, and so on, is exploding. Marketers are drooling at the prospect of using all that “free” information. Well, it’s really not free, folks. (more…)
Tuesday, April 19th, 2011
News broke yesterday about a physician in Rhode Island, at the Westerly Hospital, who was sanctioned for posting protected health information (PHI) on her Facebook page: (more…)
Saturday, February 12th, 2011
I recently engaged in an interesting discussion with Rafal Los about the erosion of privacy as it relates to the Internet in general, and social media sites specifically. I think my readers will find some useful points and insights within our conversation, especially considering the often-perceived adversarial relationship between anonymity and privacy. I welcome your feedback!
So here we go… (more…)
Tuesday, November 23rd, 2010
I love marketing and sales folks. Our businesses would be lost (well, at least have less revenue) without them! I’ve worked with many different sales and marketing folks throughout the past couple of decades, and I appreciate their enthusiasm and creativity in finding ways to help their organizations make more revenue. (more…)
Friday, February 13th, 2009
I just ran across this article while doing some research, and it made me go, “Whoa!”…
(more…)
Wednesday, May 7th, 2008
I’ve blogged several times about how employers are increasingly using information found on the Internet to make hiring, and firing, decisions, such as here and here.
I’ve also written about it several times, such as here.
Here’s another example to add to your files of how information posted to social networking sites, such as MySpace and Facebook, can impact your employment situation: a woman graduating with an education degree was denied teaching credentials, and this is not the first time a situation like this has occurred…
(more…)