April 15, 2009

glowingphoneby Carl Anctil

The perceptions and concerns we have about disclosing to much personal information have a direct link between the sharing and the openness of collaboration. When peering is added to the equation, we end up with what we have today, which is often referred to as Web 2.0.

The debut of dynamic content and open source software such as the LAMP stack, have contributed and provided an affordable platform for people to create and share with others. Without this basic foundation, we would still find it difficult to collaborate with every day people. This brought on a new requirement, how could we justify or to approve the work that people are creating and sharing with other peers. The easiest and most affordable method to legitimize the work created by a large pool of unknown people is to be open about the content, how it is built and where it comes from. The easiest way to accomplish this is simply by using your real name and identifying the purpose of your collaboration. (blog, wiki, social media, etc.)

Social media websites such as Facebook, Myspace, Linkedin, etc. are common these days and they make it easy to collaborate and share with family, friends and anyone else really. Through these new collaboration means, our personal information is much more exposed than it was before. If convenience is counter to security, then exposure must be counter to collaboration. In security, when something is convenient it usually means it is less secure. With collaboration, the more we collaborate, the more exposure (risk) we put on our private information. Just look at the social media websites mentioned above as examples. They contain a lot of private personal information, and people must learn how to balance the kind of detail they share with others through this new digital medium.

We all know (should know) that increased exposure normally also means more risk or at least greater risk. How do we mitigate this risk? By helping people protect their personal information. People have to learn how to collaborate online. The key is to learn to manage which personal information to give out and how to control it.

I believe that using a real name for collaboration doesn’t necessarily increase the risk of exposure as long as the other personal information included is also common knowledge or otherwise publicly known or easily obtainable. For example, I can manage the combination of my real name plus my work history. I control what I expose, so I can manage that information about me. Other private personal information such as date of birth, social insurance numbers, addresses, etc. should and need to be kept private and tightly controlled. Besides, private personal information should not and is not required in general collaboration. So why take the risk?

About the Author Guest Blogger

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}

Don't know where to start?

Check out Security Catalyst Office Hours to meet your peers and celebrate the good, help each other, and figure out your best next step. We meet each Friday… and it’s free to attend.