Thursday, October 3, 2013

The Risks of Posting
Business Info Online

The US Department of Homeland Security (DHS) advises business owners to limit the information about their companies and employees that they post on their Internet sites. DHS' recommendations are reported in a recent issue of Processor Magazine.

After a recent phishing attack against 11 energy companies, DHS is warning business owners in all industries that the bad guys are using the personnel-related information on business websites to develop their attacks. Phishers use the names and contact information of the company that they want to attack to trick other employees of that company that they're being contacted by colleagues and fellow-employees.

DHS wants all businesses to avoid posting employees' names, titles, email addresses, organizational data, and the names of the projects that they're working on. With less information about an enterprise's employees and organizational structure, the DHS reasons, phishers will be less effective in their attacks.

Those of us who run one- and two-person firms in the software development industry are less likely to be tricked by people who learn our names. But each of us should evaluate the need to post a lot of personal information on our websites.

No comments:

Post a Comment