Feeds

Spooks and techies to be vetted for their online networks

Who exactly is this smiley character?

Choosing a cloud hosting partner with confidence

Be careful who your online friends are, as they could well damage your career. That is the slightly chilling warning sent to us this week by a reader who works at a senior level providing IT support on a range of Government projects.

He writes: "I'm not clear on what the official line is on Facebook regarding vetting but we are being told to remove ourselves from social networking sites if we are going to Developed Vetting (DV or Positive Vetting) clearance. I think this is mainly because the interviewers are asking candidates to justify their relationship with everyone on their 'friends' list".

He adds: "Social engineering is a complicated art for the boys south of the river and I don't profess to understand all of their knowledge/paranoia. Next they'll be going through our address books. I understand they need to be cautious about who they allow access to top level information but I think there are better ways of establishing trust than this."

In one sense, this is nothing new. If you would like to work on a secure government project, expect your life to come under scrutiny: the more secure the project, the more intense the scrutiny; and at certain levels, your friends and acquaintances are bound to be called into question.

There are, however, two aspects to this process that should give pause for thought. First is the way we use sites such as Facebook, and the ease with which (some of us) click on the "friend" button for individuals who, in real life, we would never describe as anything more than casual acquaintances.

The sad news for anoraks is that research suggests that online promiscuity does not, in the end, lead to us having more friends than we would have in the real world.

How far do the Security Services take this into consideration? Do they downweight online friendship? Or do they take it at face value?

We put these questions to a number of government departments, including the Home Office, who are responsible for providing information about the activities of the Security Service (MI5). The not wholly unexpected answer, given in various shapes and guises, was: "We do not comment on security issues."

Second is the tendency for managers – and in this context, spooks are not very different from information managers - to use the tools available to them. A hot topic within the counter-terror community nowadays is "netwar", a form of social and political activism that is defined by the networked organizational structure of its practitioners.

Intelligent flash storage arrays

More from The Register

next story
WHY did Sunday Mirror stoop to slurping selfies for smut sting?
Tabloid splashes, MP resigns - but there's a BIG copyright issue here
Spies, avert eyes! Tim Berners-Lee demands a UK digital bill of rights
Lobbies tetchy MPs 'to end indiscriminate online surveillance'
How the FLAC do I tell MP3s from lossless audio?
Can you hear the difference? Can anyone?
Inequality increasing? BOLLOCKS! You heard me: 'Screw the 1%'
There's morality and then there's economics ...
Google hits back at 'Dear Rupert' over search dominance claims
Choc Factory sniffs: 'We're not pirate-lovers - also, you publish The Sun'
EU to accuse Ireland of giving Apple an overly peachy tax deal – report
Probe expected to say single-digit rate was unlawful
While you queued for an iPhone 6, Apple's Cook sold shares worth $35m
Right before the stock took a 3.8% dive amid bent and broken mobe drama
prev story

Whitepapers

A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.