Facebook Games and Security

October 25, 2010, By Christian Cawley

Facebook and other social networking sites are great for sharing news, photographs and links – but not so great for protecting your privacy. Security concerns about social networking sites distract many IT professionals on a daily basis, and these concerns are growing.

What is it about social networking security that causes such sleepless nights among network security specialists? Why do data security officials worry about the impact of Facebook, Bebo and similar sites upon their employees and their business?

The truth is Facebook was never meant for work. It is a leisure tool, designed to allow people to communicate with friends and family around the world. Games, personal messages and uploading of photos should have no place in the office.

Yet many organisations permit access to Facebook, and more particularly Facebook games and its various associated applications. The dangers here are considerable.

Personal Security Issues

Anyone who signs up to play Facebook games opens themselves up to a bit of online fame; whether your Facebook profile is private or hidden, by taking part in these games strangers will see your details.

These games – often never-ending and therefore in many ways pointless – usually require that you increase the size of your “network” (examples such as Mafia Wars and Vampire Wars spring to mind here) which in turn gives you superior status and makes upgrades and other bonuses easier to acquire.

But adding people you have never met – strangers – as friends within these games opens your profile information up to them. There is no way to distinguish these people from criminals; it has long been suspected that phishers are using Facebook to find information to commit identity fraud – look up FBDigits on Google for more detail on this.

This is a clear risk.

The best way to avoid these security issues is to withdraw from playing such games. The applications will inform you when you sign up to them exactly what information is shared, and you should take notice of these disclaimers. You should also take a look at your Facebook privacy settings and see just how happy you are to share this information.

PC and Network Security Risks

The risks of social networking to the security of your PC or corporate network are also considerable.

A study by networking giants Cisco has revealed that companies allowing their employees to play games on Facebook are opening their doors to hackers and cyber criminals.

The question here is – what are the real risks? If malware can find a home on a corporate network or PC, will network security applications find the virus, worm or keystroke logging software in time? And can banning Facebook be counter-productive?

Cisco’s report states that “…businesses must balance the need to provide access to collaboration tools with the need to manage enterprise security.” However it is fair to argue that this can only be on an appropriate basis.

As a course of action, for any corporate administrator I would suggest:

  • Producing regular reports on Facebook activity courtesy of your web filtering software
  • Maintaining a file on Facebook related threats and malware
  • Ensuring all networked PCs, servers and NAS devices are included in anti-virus routines
  • Ensuring that all networked PCs and servers have fully patched and up to date anti-virus applications installed
  • Issuing a user policy for the correct use of Facebook.

Few Facebook applications worth their salt will knowingly carry malware to the user’s PC – however anyone at home or at work who is intending to engage in Facebook gaming should not only manage their privacy settings more effectively, they should also be managing their PC security software effectively.

© 2008-2012 DeviceMag.com - All rights reserved | Privacy Policy