Is Google’s ” do no evil” strong enough protection for what they collect?

Jump onto Google mail on a computer someday and start an email.

Pick a couple of topics to discuss with whoever you are talking to, now stop and look at the Google ads that are above and to the right.   Notice that they are picking up key words of your email.   Do you find it interesting or  terrifying.

Furthermore, look on Facebook or LinkedIn the next time you are on and look at the “recommended contacts”.  Have you noticed that people appear there that you have no interest in connecting to, they maybe people you know, correspond with or have in your contacts lists but they seem to appear in this area without your input.   Scary isn’t it????

The search algorithms that the search engines and social media sites use are very high end mathematics, using statistics and calculus to generate the required search matrix, just imagine it took 1/10000 of the processing power of today’s computers for NASA to put someone on the moon.

The capabilities of today’s systems are mind blowing.

Google have this “do no evil” policy but is it strong enough to stop someone with access from really getting to know you.   The information generated from your searches tells people a lot about who you are, what your interests are and what your personal and business focus is on.

What has this got to do with cyber security?

Well it can have a huge bearing on a social engineering attack on you, your company or your family.   That information, although not readily available, is an electronic copy of you, tour personal life or your business.   Most people have very reduced security focus when it comes to social media sites like Facebook and LinkedIn and are willing to put information up there that they would not normally put anywhere else or in some cases discuss with their closest friends, but there you go – let’s put it on Facebook.

Additionally in the Twitter-verse your comments, involvement and contacts further tell everyone who you are.

This information combined with a reason to target you and your business will give a cyber-criminal the initial social engineering boost.   This boost will allow them to target your passwords for access and for things like bank accounts.

I have always harped on about keeping your personal information secure, but social networks lower your defences quite dramatically.   In the focus and desire to connect with people you know keep an eye on how much information is enough

Roger Smith, is an educator. Teaching students at ADFA (UNSW) and showing them how vulnerable they are to cybercrime.

He is also CEO at R & I ICT Consulting Services Pty Ltd, an Amazon #1 author on Cybercrime and founder of the SME Security Framework. He is a Consultant who specialises in inexpensive and highly effective security strategies for small and medium businesses and not for profit organisations.

He has developed and authored the SME Security Framework and the Security Policy Training Course which are considered to be the definitive guides to helping SME's protect their organisation using the principles of Technology, Management, Adaptability and Compliance.