1 Encourage awareness-raising and educational campaigns: as well as face-to-face awareness-raising campaigns on the sensible usage of SNSs, SNSs themselves should, where possible, use contextual information to educate people in real-time. Additional awareness-raising campaigns should also be directed at software developers to encourage security-conscious development practices and corporate policy.
2 Review and reinterpret the regulatory framework: SNSs present several scenarios which were not foreseen when current legislation (especially data protection law) was created. The regulatory framework governing SNSs should be reviewed and, where necessary, revised.
3 Increase transparency of data handling practices: a review of the practices of SNS providers in Europe with respect to existing data protection law is recommended.
4 Discourage the banning of SNSs in schools: SNSs should be used in a controlled and open way with co-ordinated campaigns to educate children, teachers and parents.
5 Promote stronger authentication and access-control where appropriate: stronger authentication should be used in certain SNS environments. Additional authentication factors that could be used range from basic e-mail verification through Captchas and recommendation-only networks to physical devices such as mobile phones and identity card readers.
6 Implement countermeasures against corporate espionage: various steps are recommended for the prevention of social engineering attacks on enterprises.
7 Maximise possibilities for abuse reporting and detection: SNSs should make it as easy as possible to report abuse and concerns. "Report abuse" buttons should be as ubiquitous as the "contact us" option on classic websites.
8 Set appropriate defaults: default settings should be made as safe as possible, and accompanied by user-friendly guidelines.
9 Providers should offer convenient means to delete data completely: simple tools should be provided for removing accounts completely, as well as allowing users to edit their own posts on other people's public notes or comments areas.
10 Encourage the use of reputation techniques: reputation mechanisms can act as a positive motivator towards good online behaviour.
11 Build in automated filters: a legislative review into SNS filtering should be undertaken, with a view to SNS providers building filters into their sites.
12 Require consent from data subjects to include profile tags in images: SNS operators should give users privacy tools to control the tagging of images depicting them.
13 Restrict spidering and bulk downloads: SNS operators should restrict spidering and bulk downloads (except for academic research purposes).
14 Pay attention to search results: data should either be anonymised, not displayed, or the user should be clearly informed that they will appear in search results and given the choice to opt out.
15 SNS spam: similar techniques to those used for e-mail anti-spam reputation systems should also be developed to eliminate spam comments and traffic.
16 SNS Phishing: the best practices for combating phishing on SNSs, which are promoted by the APWG, should be adopted.
17 Promote and research image-anonymisation techniques and best practices.
18 Promote portable Social Networks: the economic and social implications of portable social networks should be addressed.
19 On research into emerging trends in SNS: looking to the future, the group has identified some trends emerging in SNSs that have important security implications. More research should be carried out in the areas of mobile SNS, convergence with virtual worlds, misuse by criminal groups and 3D representation and online presence.
Source: Computer Weekly
Is this real?