Managing Social Media for Network Security

Network managers have a whole new attack surface to manage: the vast multitude of potential entry points created by social media sites, each one offering new opportunities for malware or information loss.

By Brian Proffitt | Posted Feb 3, 2011
Page 1 of 2
Print ArticleEmail Article
  • Share on Facebook
  • Share on Twitter
  • Share on LinkedIn

Managing network security is all about controlling the attack surface.

If your network users need to communicate with services A, B, and C through channels X, Y, and Z, it's not impossible (with a little elbow grease) to manage the potential attack surfaces in the network and control the security risk. When it was all about communication with email and a few Web applications, network security could be better managed, because you knew where the potential holes were and could close them off when new threats were revealed.

But now network managers have a whole new attack surface to manage: the vast multitude of potential entry points to a network created by the use of social media sites. And as social media services get more robust, the potential for a security breach goes up almost exponentially for both your organization and individual users themselves.

It's become a well-known scenario: An employee visits a social media site on a corporate machine during some idle time and ends up picking up a piece of malware from one of the dozens of trojans that proliferate through that site. That malware may just turn the machine into a spam generator, if you're lucky. More sophisticated malware will log keystrokes and provide the malware author with plenty of authentication information from your network.

Users themselves are particularly at risk while using social media sites, because if one of their social media accounts gets compromised, it's a fair bet their password will be repeated on other sites. This leaves them vulnerable to being hacked on banking and commerce sites, which can impact their productivity as they spend days if not weeks trying to get their online and financial identities back in order. Not to mention what happens if they use the same password for your network.

Depending on the brazenness of a criminal targeting your company, your very organization can even be put at risk. A recent story on Inc. related the tale of a manufacturing company undergoing an expansion of their warehouse and announcing it to the world at large on their corporate blog, Facebook, and Twitter.

"As the day for the big move approached, they told customers about potential shipping delays, but said they'd return with better service than ever.

"On the first day, several men wearing the uniforms of a well-known logistics company showed up to help with the move. With dozens of legitimate workers swarming around the site, they blended in easily and no one questioned them as they loaded equipment into their own van. They drove off before anyone realized they were interlopers," the article related.

This kind of incident is rare, but virtual criminal activity doesn't have to remain virtual; reports of armed robberies and assaults around Craigslist-initiated sales meetings are also on the rise.

Comment and Contribute
(Maximum characters: 1200). You have
characters left.
Get the Latest Scoop with Enterprise Networking Planet Newsletter