7th September 2009

 If you use Facebook and other social networking sites you will be familiar with the adverts and downloads which are available. 

These can easily draw in the unsuspecting user who might, amongst other things, be duped into downloading malware onto their machine.  

I appreciate why Theo Paphitis (of Dragon's Den fame) bans access to such sites in his workplace.  

 http://www.dailymail.co.uk/debate/article-1210564/THEO-PAPHITIS-Why-ALL-bosses-I-did-ban-staff-Facebook.html 

 When I joined Facebook one of my friends greeted me with "Welcome to the best way to waste time on the internet" and he does have a point.

However, I think it is an opportunity missed if the subject of social networking is not discussed as part of a security awareness program.  After all, staff may access work data from those infected home machines and bring the problem back to workSurprised

 3rd August 2009 

If the image your staff have of a person who conforms to security policy is that they are a 'towel straightening geek'- Then they are not going to want to turn into one themselves.

Therefore they are more likely to resist guidelines for secure behaviour. Yell

Managing that perception is one key to developing a culture of security Laughing