Authors:  Gary Bahadur, Jason Inasi, and Alex de Carvalho

Publisher: McGraw-Hill – 341 pages

Book Review by: Venkat Balasubramaniam

In today’s Internet age, there is boundless opportunity to market your products and services through social media and increase your revenues and profits by adding new customers to your database. With hundreds of millions of consumers connected on Facebook, LinkedIn and other social media, it is easier than ever for companies of all sizes to reach out to and communicate with consumers of all income levels and assets.

At the same time, threats abound today. On personal and corporate levels, your bank accounts, your credit cards, your data, your digital assets, your financial information, your identity, your images and logos, your rights, and even your very reputation are at risk of being attacked and stolen.

Often, it is not possible to recover your stolen money, immediately cancel your credit cards, get back digital assets (which can be modified and re-used), stop others from using your images and logos, regain your rights, or restore your once-spotless reputation, and it is foolish to try to recover data that must have been copied.

Loss recovery and damage control are expensive and time-consuming. It is better to prevent all these undesirable events from recurring or, better still, from occurring in the first place.

The authors of this book – Gary Bahadur, Jason Inasi and Alex de Carvalho – offer you a solution to these problems.

Gary Bahadur is founder and chief executive officer of KRAA Security. He has more than 15 years of experience in the information security and technology industry.

Jason Inasi is CEO and creative director of the Factory Interactive. Among its corporate clients are: AOL Latin America, American Airlines Arena, Cable & Wireless, and Carnival Cruise Lines.

Alex de Carvalho is vice president of business development for VoxMed, director of social media at Medimix and professor of social media at the University of Miami.

Through more than 340 pages, they explain to you how to safeguard the items mentioned above, and more. Among the other types of cyber attack covered are malware, vulnerabilities, cross-site scripting, cross-site request forgery, corporate espionage, phishing, and spear phishing.

They show you – whether you are the chief information officer of a large corporation or the owner of a small business – the latest threats out there and how to protect yourself from them.

The authors instruct you on how to analyze your risk, implement best practices, put in place the necessary security protocols, formulate and enforce social media rules of usage, manage your reputation online, and respond to incidents of “cyber invasion.”

Among other matters, this book shows you how to:

  • Assess your global social media presence and identify vulnerabilities
  • Establish solid security policies at every level of your organization
  • Monitor usage by employees, clients, competitors, and the public
  • Block cyber stalking, phishing, malware, and identity theft exploits
  • Guard intellectual property rights, trademarks, copyrights, and logos, and more.

The authors use the H.U.M.O.R. methodology: Human resources, Utilization of resources and assets, Monetary considerations, Operations management, Reputation management. This is a systems-based approach to developing the necessary security policies, plans and processes to lessen attacks through social media.

The book contains 18 chapters organized around its five parts. It also presents instructive case studies as examples that make the material easier to understand.

Part I deals with assessment of a company’s social media security. It contains chapters dealing with the social media security process; looking at the foundation of your own security policy and details; and monitoring the social media landscape.

Part II is on assessing social media threats. It has chapters on threat assessment and on what can go wrong, such as dangers specific to social networks, cyber stalking, validating the end user, and data scraping.

Part III covers operations, policies and processes. Its chapters cover the following matters: best practices for social media security policy, strategies and collaborations for the human resources department, utilization of resources, monetary considerations, operations management, and reputation management.

Part IV relates to monitoring and reporting. The chapters cover the responsibilities of the human resources department such as compliance with rules and monitoring employee usage; as well as monitoring and reporting as it relates to utilization, monetary matters, operations, and protection of reputation.

Part V is entitled “Social Media 3.0.” Its chapters deal with the challenges ahead and the future of social media security.

Heads of information technology departments at companies that are planning to promote their products and services on social media networks, or that are already doing so, should read this book closely. I believe a summary of the key points covered in this book should be provided to CEOs and owners, so they have a clear understanding of existing and potential threats.