Good for gov: Twitter boosts its security

Using Twitter just became a little more secure, which should ease the minds of some federal employees who use the social network outside the confines of a secure network.

The change is simple. Twitter is now offering an option in its account settings to “always use HTTPS” — Hypertext Transfer Protocol Secure. HTTPS is built on HTTP and integrates the Secure Sockets Layer/Transfer Layer Security protocol to ensure data encryption over a secure channel. It provides 128- to 265-bit encryption, which means that it is virtually unhackable. If you log in to most e-mail accounts from a browser (including Exchange when not using the dedicated client), HTTPS is being used to secure communication.

In a post on Twitter’s official blog, the company said, “Using HTTPS for your favorite Internet services is particularly important when using them over unsecured Wi-Fi connections.”

Yet, as a federal employee, you might be asking, “When am I ever not using a secure Wi-Fi connection? I am a government employee. My IT department is so uptight you could make a diamond by putting coals on their desk chairs. We never have an unsecure network.”

That might be true. Or it might be that I have a propensity for overly dramatic metaphors. Whatever. Yet not all federal, state or local employees work in big, secure offices in D.C. As social media use rises in all government sectors and the workforce becomes more mobile, making sure your Twitter account does not get hacked to embarrassing and potentially job-threatening levels should be of great concern.

An agency employee could be using the official Twitter account from a conference or even in a foreign country, where it is important that the account is not hacked and does not start sending spam to its loyal followers or worse. Use your imagination.

The HTTPS setting is used by default by Twitter when logging in to your account through the official Twitter website or when using the official Twitter applications on iPhones and iPads. The company says it will roll out the security option to other dedicated clients soon.

It is a smart move by Twitter for the ecosystem in general and to assuage the, at times, unreasonable fears of federal agencies when it comes to social media use by employees. As always, the security danger usually is in the hands of the person, not the technology.