“ Expedia.com... enthusiastically supports
the use of social media sites such as
Facebook, LinkedIn and Twitter... and it
uses those sites to promote its services.”
arIeL sILvers ToNe, vIce presIdeNT aNd chIef INformaTIoN
securITy offIcer, expedIa
is contained in those sites that is
very personal,” Pinon says. “People
post everything from their birth-
days to where they’ve been to who
their friends are—their whole life
story. We know the bad guys are
going to those sites just to gather
information about people for iden-
tity theft or to develop more infor-
mation on the individual.”
Information gleaned from the
sites could be used to gain access to
company systems, Pinon says. In
addition, he says, some sites could
be sources of malware and other
programs that could threaten the
bank’s security.
If bank employees need access
to social networking sites via the
corporate network, they must get
permission from the information
security department, Pinon says.
This policy applies even to the most
senior executives.
“For example, someone from the
marketing department may have a
need to access a site, so we will
open up access for them to allow
them [to use it] for the period of
time they need it. Then we shut
it back down,” Pinon says.
