- Tools & Templates
- Security Jobs
- Data Protection
- Identity & Access
- Business Continuity
- Physical Security
- Security Leadership
Are Blogs a Security Risk?
By Paul Kerstein
Ask most military public relations specialists and they'll have strong opinions about blogs. In a few cases, however, they will approve of soldiers' blogging about their experiences, so long as the soldier is not giving up any top secret information--strategic, tactical or otherwise. If that happens, people can die.
An editorial from the Salt Lake City Weekly brought this to my attention and I wondered how blogs are affecting security executives.
While not so extreme, common sense would dictate that the same caution should be applied to company bloggers, from the executive level on down. If not, intellectual property such as the secret formula to Coca Cola could be compromised or confidential company data about an enterprise's network security could be at risk. These risks are all too real for CSOs.
Heck, even this blog could be seen as a risk by my editorial director. I may say something that's off-color, offending our readership. Or, I might release any editorial secrets we may have cooking.
But I think the key is to remain cautious when it comes to allowing your staff to blog. One rule of thumb that I see quite often in the blogosphere is, as a blogger, to ask yourself, will I be ashamed of writing that in the future or will it come back to bite me in the behind? Even better, if I write this, will I get fired?
As a security executive, if you dispense this kind of advice to your colleagues, you've made a great first step in a secure blogging policy.
Thanks to cloud computing, your business data is everywhere and being accessed by everyone. Making the wrong decision to protect your data can result in high costs, increased risk and executive exposure. View this live webinar on cloud security and the evolving data center, and learn why a data-centric approach to security is the best bet for today's virtual environment.