T 3.106 Inappropriate behaviour when using the Internet
All sorts of incorrect behaviour when using Internet services can have negative effects. Typical examples of inappropriate conduct and the resulting undesired effects are listed below.
Insufficient response times
When using Internet applications and e-mail, communication partners have high expectations regarding the time required by the person contacted to respond. If these expectations are not met, for example, due to the lack of an appropriate processing procedure, this can result in loss of profit, frustration of customers and employees, etc.
Loss of control
When information is published in Internet services or disclosed by e-mail, the author is no longer able to control who receives this information and what happens to it. This can result in undesired use or misuse of this information.
Mixture of private and work environment
As many IT systems (such as mobile phones, PDAs), applications, and services (such as social networks, web mail) are used for both work and private purposes, it is difficult to clearly separate the information used in the private environment from the information used in the work environment. This can cause problems if attackers gather large amounts of data and evaluate this data for targeted attacks on individual persons or organisations, as, for example, in social engineering.
Loss of confidentiality
The security of Internet applications is often misjudged, or inappropriate safeguards are used to protect information, for example, if information is disguised instead of encrypted. This results in unwanted disclosure of confidential information to the general public.
Example:
- To exchange data easily, two contract partners stored files on a web server. The URL was communicated by e-mail only to the trusted persons of the corresponding organisation. The partners assumed that these files could not be found via search engines. However, web server statistics list the most visited files or the files that cause the most data traffic, so it may happen that these hidden files, including the exact link, appear in the statistics and are thus also accessible to unauthorised persons.
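The effect described in this example can be checked against a server's own access log. The following is an added example, not part of the original catalogue entry: it ranks files by traffic as a statistics page would and reports those that were served without authentication and are not linked from the public site. The log lines, paths and the `linked_paths` set are constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed sample in Common Log Format (not taken from the original page).
SAMPLE_LOG = """\
198.51.100.7 - - [10/Mar/2024:09:00:01 +0000] "GET /index.html HTTP/1.1" 200 5120
198.51.100.8 - - [10/Mar/2024:09:01:10 +0000] "GET /index.html HTTP/1.1" 200 5120
203.0.113.20 - - [10/Mar/2024:09:02:00 +0000] "GET /exchange/q3-contract-draft.zip HTTP/1.1" 200 48000000
203.0.113.21 - - [10/Mar/2024:09:03:30 +0000] "GET /exchange/q3-contract-draft.zip HTTP/1.1" 200 48000000
198.51.100.9 - - [10/Mar/2024:09:04:00 +0000] "GET /img/logo.png HTTP/1.1" 200 20480
203.0.113.22 - alice [10/Mar/2024:09:05:00 +0000] "GET /partners/pricing.pdf HTTP/1.1" 200 900000
198.51.100.10 - - [10/Mar/2024:09:06:00 +0000] "GET /partners/pricing.pdf HTTP/1.1" 401 381
198.51.100.9 - - [10/Mar/2024:09:07:00 +0000] "GET /index.html HTTP/1.1" 200 5120
"""

# host, identd, authenticated user, [time], "METHOD path proto", status, bytes
LINE_RE = re.compile(r'^\S+ \S+ (\S+) \[[^\]]+\] "[A-Z]+ (\S+) [^"]*" (\d{3}) (\d+|-)$')


def parse(log):
    """Yield (user, path, status, size) for each well-formed log line."""
    for line in log.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            user, path, status, size = m.groups()
            yield user, path.split("?", 1)[0], int(status), 0 if size == "-" else int(size)


def top_by_traffic(log, n):
    """Rank paths by bytes delivered, as a 'files causing most traffic' report does."""
    traffic = defaultdict(int)
    for _user, path, status, size in parse(log):
        if status == 200:
            traffic[path] += size
    return sorted(traffic.items(), key=lambda kv: (-kv[1], kv[0]))[:n]


def exposed_unlisted(log, linked_paths, n):
    """Paths in the top-n report that need no login and are not publicly linked."""
    open_paths = {p for user, p, status, _ in parse(log) if status == 200 and user == "-"}
    return [p for p, _ in top_by_traffic(log, n) if p in open_paths and p not in linked_paths]


if __name__ == "__main__":
    linked = {"/index.html", "/img/logo.png"}  # assumption: pages linked from the site
    for path in exposed_unlisted(SAMPLE_LOG, linked, 3):
        print("protected only by an unpublished URL:", path)
```

Any path this reports is protected only by the secrecy of its link; the file behind HTTP authentication in the sample is not reported, because the statistics entry alone does not grant access to it.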