Beware: Twitter's security problems are yours too

Recent hacks of Twitter data and the misuse of the microblogging service for phishing and other malicious activities highlight the danger of adopting new technologies before they are business-ready.

The Twitter microblogging service gets a lot of publicity, but recently that publicity has been increasingly bad as the company has become the victim of a series of hacks.

The most recent incident, which came to light last week, initiated an industry squabble over whether cloud computing is inherently unsecure or whether Twitter executives are just guilty of using bad security practices. It seems that a poorly protected password allowed a hacker to gain access to company records in Google Apps, a suite of online office services Twitter uses.

But the hacks, along with misuse of Twitter accounts that could compromise users, also highlight the danger of adopting new technologies as business tools before they are ready to be folded into the enterprise.

It is not surprising that Twitter and its management are not particularly focused on security because the service was started with no meaningful purpose. The site proclaims that it is intended for “the exchange of quick, frequent answers to one simple question: What are you doing?” Anyone who wants to frequently update the world on what he or she is doing in 140 characters or less probably has no life to speak of, and the people who want to read those updates probably are just as lacking. A tweet essentially is a postcard without the pretty picture, thus there is no reason for it to be any more secure than a postcard.

The novelty quickly became popular, however, and is becoming more widely used as a way to broadcast alerts and notices. A new, tech-savvy administration and Congress is adopting it, and according to the Web site GovTwit.com, there are more than 2,000 Twitter users either in government or commenting on government, with more than 17 million followers. From the Air Force to the White House, 375 agencies or offices use the service, along with 91 U.S. senators, congressmen and Hill staffers.

Those who seek ill-gotten gains have noticed the site's popularity. Not only has Twitter itself become a target, the site has become a vector for phishing attacks and links to Web sites containing malware. People who are used to thinking of Twitter as a nerdy toy use it in the workplace and expose the enterprise to risk.

This grassroots adoption is not a new story. It happened with texting, instant messaging, even with e-mail and the Internet itself. Today, these are accepted workplace tools, but years later the workplace still is suffering because of the vulnerabilities that these tools have introduced. They were developed without much thought for security, and even with the technologies and policies that have been bolted on later, networks tend to remain dangerously porous. These tools are common channels for both bad stuff coming into the enterprise and data leaving it.

The lesson we are being forced to learn once again is that technology often is thrust upon us and that administrators need to be aware of the implications of new tools such as Twitter. Banning their use probably is not necessary and might even be impossible, but policies to ensure responsible use and adequate security need to be in place as soon as new technology shows up in the workplace. Just because Twitter lets itself be hacked is no reason that users in your office should not be required to use strong passwords and common sense.

NEXT STORY: VA puts a hold on 45 IT projects

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.