Add guidance for suspicious linkedin profiles
Why is this change being made?
In the #security
Slack Channel we get questions from time to time about LinkedIn profiles of people who say they work at GitLab. This MR should help team members be more self-sufficient in dealing with this situation.
My proposal is that A) if there's nothing urgently suspicious, just use LinkedIn's report feature and B) only escalate to security if something sus happens.
Verifying past employment is a "nice to have". If someone says they used to work at GitLab that's not really a big deal. Presumably a threat actor trying to use LI as a social engineering vector will say they currently work at GitLab - team members can validate that with WorkDay.
Slack threads
Team-member only:
- https://gitlab.slack.com/archives/C248YCNCW/p1700521399497039
- https://gitlab.slack.com/archives/C248YCNCW/p1695927973711749
TODO
-
Can team members identify alumni? WorkDay only appears to have current team members - Asked in
#people-connect
https://gitlab.slack.com/archives/C02360SQQFR/p1700526777031419
- Asked in
-
Do SIRT (or some other team) want team members to report this anyway, to spot potential incidents early on?
Example
This is what a legitimate profile should look like:
However many team members likely don't know that they can verify their employment. This shouldn't be a deal breaker - it's easy enough to verify via WorkDay.
Author and Reviewer Checklist
Please verify the check list and ensure to tick them off before the MR is merged.
-
Provided a concise title for this Merge Request (MR) -
Added a description to this MR explaining the reasons for the proposed change, per say why, not just what - Copy/paste the Slack conversation to document it for later, or upload screenshots. Verify that no confidential data is added, and the content is SAFE
-
Assign reviewers for this MR to the correct Directly Responsible Individual/s (DRI) - If the DRI for the page/s being updated isn’t immediately clear, then assign it to one of the people listed in the
Maintained by
section on the page being edited - If your manager does not have merge rights, please ask someone to merge it AFTER it has been approved by your manager in #mr-buddies
- The when to get approval handbook section explains the workflow in more detail
- If the DRI for the page/s being updated isn’t immediately clear, then assign it to one of the people listed in the
-
For transparency, share this MR with the audience that will be impacted. -
Team: For changes that affect your direct team, share in your group Slack channel -
Department: If the update affects your department, share the MR in your department Slack channel -
Company: If the update affects all (or the majority of) GitLab team members, post an update in #whats-happening-at-gitlab linking to this MR - For high-priority company-wide announcements work with the internal communications team to post the update in #company-fyi and align on a plan to circulate in additional channels like the "While You Were Iterating" Newsletter
-