DOD wrestles with Web 2.0
Policy review to tackle security, privacy concerns.
The Defense Department is reviewing its social-media policy amid ongoing security and privacy concerns. The re-evaluation comes soon after an Aug. 3 Marine Corps ban on the use of social-networking sites, made effective immediately.
“We’re addressing the challenges from a security standpoint but also the impact and the value that they have to the department to be able to communicate in a 21st-century environment,” DOD spokesman Bryan Whitman told reporters Aug. 4. Whitman added that the review is part of a directive issued in a July 31 memo from Deputy Defense Secretary William Lynn that called for a study of social-media sites such as Twitter, Facebook and YouTube.
The Marine ban and DOD review are happening even though social media has become a significant force since the 2007 reversal of an initial DOD ban on social-networking sites. Government and the military have become deeply entrenched in social-media tools. Various military and government outfits have hundreds of thousands of Twitter followers and Facebook fans, and access to social-media sites is required on U.S. Army bases.
However, according to the Marine order, “These Internet sites in general are a proven haven for malicious actors and content and are particularly high-risk due to information exposure, user-generated content and targeting by adversaries." The order added that social-networking sites create an easy conduit for information leaks.
However, some assert that a blanket ban on social media isn’t the way to go.
“There certainly are security concerns associated with social networking, but it would be a step back to ban social networks completely,” said information technology security expert Rohyt Belani, a consultant and instructor at Carnegie-Mellon University. “I think there is a middle ground that can be reached.”
That middle ground will require the incorporation of significant security measures. At security giant McAfee, which contracts with DOD and other government and military agencies to provide network security, a comprehensive approach is used to deal with the high-stakes needs of the federal government and military.
“It’s a battle between utility and security — you need to balance both,” said Tom Conway, director of federal business development at McAfee. To meet contractual needs, his company provides advice, tools, products, assessments, deployment of strategies, threat briefings and continuous training as ongoing support to DOD and other military and government clients.
“DOD does need a standard, departmentwide policy,” Conway said, adding that he disagreed with an all-out ban. “The security concerns are real and varied. But you can’t turn back the clock, and you can’t deny progress.”