Social Networking Security - Page 2
This article will look at how best to manage the security issues social networking brings to business and if a company decides to stop staff using social networking how can it monitor this and avoid security breaches from threats left behind by computers that have been used to access social networks.
How to tackle the risks:
There is no simple solution to manage these risks. Businesses can implement technical barriers to prevent any use of Twitter, Facebook or similar applications but then the business may have lost a valuable sales and marketing tool in its effort to protect its information security and privacy. Businesses should firstly have an Acceptable Use Policy that details how social networking sites and applications can be used. The policy should also define consequences for failure to comply as this can lead to the termination of employment and legal action. It will always be difficult to restrict what employees do on their personal social networking accounts so it is important for a business to protect its information based on a worst case scenario idea that employees will download malicious code and will divulge information they shouldn't.
It is crucial for organisations to carry out a risk assessment to establish which information is most critical to the business. They also need to evaluate how it might become vulnerable and how to protect it. Assessing current and future risk posed to the business is imperative so action can be taken and high level critical threats can be mitigated. They must also make sure their current infrastructure has the most up to date and application-aware security solutions (including both network and endpoint based solutions) to block any harmful files that may be accidently opened. Employees should receive education on the information security risks involved in their internet access and how they can guard against them - for example, only installing or running applications from trusted sources approved by the corporate IT department.
Technologies have started to emerge that offer granular control of social networking functionality. Palo Alto Networks offer one such technology that is unique in the firewall marketplace. It allows businesses to gain user application usage visibility and affect a policy to control social networking site access from almost any aspect such as chat, email, apps and file transfer. As well as securing site access, companies that harness web 2.0 functionality for their own use should be mindful of ensuring their applications and website code is fully checked and written in a secure manner which can be validated. Last but not least, use common sense on the internet and in email, by taking an extra moment or two to think about what you've received or are about to do can mean the difference between looking at a seemingly harmless funny photo and risking critical business and personal information such as customer details, business plans, bank account details, all of which you don't want to be in the hands of anyone other than yourself or your business.
Pentura is exhibiting at Infosecurity Europe 2010, the No. 1 industry event in Europe held on 27th – 29th April in its new venue Earl's Court, London. The event provides an unrivalled free education programme, exhibitors showcasing new and emerging technologies and offering practical and professional expertise. For further information please visit www.infosec.co.uk