Having worked as a web developer for a number of years I have a little experience setting up and securing networks and web applications. Concordia university has recently banned facebook access from wired terminals (but the wireless network remains unblocked). Here is Concordia’s reasoning:
“Starting September 1, 2008, Facebook can no longer be accessed from desktop computers with a wired connection to the Concordia University network.
Facebook is still accessible at Concordia if you connect using a wireless network connection. It is also accessible in all residences.
The university has decided to implement these restrictions because of concerns that the continuing reliability of the Concordia network could be compromised because of spam, viruses and leaks of confidential information related to Facebook use. Although accessing Facebook using a wireless connection may present some security risks, the potential danger to the main Concordia network is greatly reduced.”
Now I would love to hear how Facebook compromises security anymore than hotmail access. I can guarantee that it does not, and I believe this shows how social networking applications are misunderstood. Looking back to Enkerli’s presentation on enthusiasm and technology adoption, it really shows how it takes more than just a teacher to experiment and use new communication technologies. A lazy IT department can opt for the “quick fix” (just block it) which in turn makes it extremely difficult for teachers to make use of it.
In fact, I doubt this has anything to do with IT security, and I would bet “higher ups” outside the IT department played a large role in making this decision. Any Concordia staff care to comment or let us know how this decision was made? I’ll start digging into this today, and see what more I can uncover.
(field notes from my conversations with students at Concordia about the facebook ban)
Interestingly students are already working around the ban by using various proxy servers.
accesstofacebook.com (this lets you login, but using such proxy’s is probably an even greater security threat depending on who runs the proxy service). Some features also do not work when logged in through the proxy server [think of a proxy as a server in between Facebook and you, which accesses Facebook on your behalf and gets around the access ban. The proxy can feed you whatever it wants, so it could be recording passwords etc].
See also Dimitri’s discussion about how the facebook ban affects student run organizations at the university.
[note, article in paper i read discusses how social viruses can be transmitted through facebook... so yes, if someone is in a group, and gets a message to check out a website, and then downloads a virus, there can be security threats.]