IT Today Catalog Auerbach Publications ITKnowledgebase IT Today Archives infosectoday.com Book Proposal Guidelines IT Today Catalog Auerbach Publications ITKnowledgebase IT Today Archives infosectoday.com Book Proposal Guidelines
Auerbach Publications

IT Performance Improvement

Management

Security

Networking and Telecommunications

Software Engineering

Project Management

Database


Share This Article



Free Subscription to IT Today





Powered by VerticalResponse

 
Software Engineering Reviews and Audits
Secure Semantic Service-Oriented Systems
Systems Engineering Tools and Methods
Cyber Security Essentials
Encyclopedia of Information Assurance
Mobile Web 2.0: Developing and Delivering Services to Mobile Devices
Testing Complex and Embedded Systems, ISBN 978-1-4398-2140-4

Time to Re-write the Security Rulebook as Social Networking Goes to Work

Ronan Kavanagh
CEO of SpamTitan Technologies

Social networking and Web 2.0 applications are second nature to young people entering the workplace. For them email is slow and old-fashioned. They bring their Facebook, Twitter, YouTube and other identities to the office with them. At the same time, they use professional social networking such as LinkedIn and other business-oriented online communities for more work-related duties. According to Forrester Research, social networking is a key element of the ongoing corporate Web 2.0 wave. By 2013, the firm says, social networks will constitute a $2 billion chunk of what will be a $4.6 billion sector.

After some initial suspicion and resistance, employer attitudes are definitely changing. Many now see certain social networking applications as having a valuable business function. Instead of being used just for internal communication, they are also now being used externally as a way of engaging directly with customers, releasing news, marketing products or simply as a way of raising a profile. For example, most technology companies already routinely use Twitter as part of their marketing activities.

Yet, most business communications still revolves around an email world that has changed little over the past 10 years. Security measures center on shielding the network from email-borne viruses and spyware and keeping spam to an absolute minimum through carefully controlled, centrally administered email policies. Studies of companies with Web filters reveal that only half of them block YouTube or Facebook. Those that do are doing are trying to guard against viruses and spyware and to maintain employee productivity. But there are other security issues to consider. For example, social networking sites are great avenues for phishing and other social engineering exploits. They are also a way for dishonest or naive employees to send vital information beyond the firewall.

As social technology in the office reaches critical mass, organizations need to pursue a secure social media strategy alongside their traditional email-based security measures. For those that do not adapt, catching up has the potential to be a major problem.

Even when using social networking as a business tool, corporations still need to manage traffic to social sites. Companies need to get to a point where they are not just blocking or allowing access, but are managing employee behaviour.

Employers have to be aware how much data is flowing out of their networks and what is being revealed to the world at large. Unregulated use of social media in the enterprise can lead to embarrassing and potentially costly mistakes. Worms, too, have spread to social sites. They are no longer designed to hop from machine to machine but stay within the ecosystem of the social network, moving from profile to profile.

Nor is it enough to rely on browser patching and educated users to stay safe.

  • Ensure only those employees that are using social networking for the company's advantage can access to it.
  • Decide what functionality they can have.
  • Make sure you are managing their behaviour on that site.
  • Treat anything that is coming in as untrusted and monitor anything going out for confidentiality.

Social networking is not going away. It is very powerful, and can be a very effective tool for an organization. Companies somehow need to manage the behaviour on those sites without compromising the social networking activities that are benefiting the company.

A layered approach to protection is key. Companies need to deploy a variety of tools in an intelligent way to monitor, manage and control how different individuals use new web applications being used in the workplace. The best solutions allow for flexible policy controls where certain groups, departments or individual can have customised internet access depending on company internet policy. Some provide control over who can access which sites, and down to a very granular level. Of course, the technology of choice should also fit comfortably in the latest virtualized, Cloud-based environments that are increasingly becoming the norm.

A robust Internet education policy within a company and effective monitoring tools are critical to solving social networking security issues by keeping employees safe, compliant and productive. The boundary between home and work is blurring more and more and companies need to keep pace by deploying security tools that offer limitless flexibility without compromising control or ease of use.


Related Reading

Millennial Workforce: IT Risk or Benefit?

Attackers Exploit Trusted Entities

Innovative Use of Business Process Management Can Benefit IT, Too


About the Author

SpamTitan is a software gateway appliance that protects company e-mail from spam, viruses and malware. SpamTitan is supplied in one of two formats: ISO or VMware-certified. For companies seeking to maximise server efficiency and reduce operating costs, the VMware-certified option allows users to run SpamTitan in a virtual environment. SpamTitan provides small and medium size businesses worldwide with comprehensive protection from email threats including SPAM, viruses, Trojans, phishing, malware and other unwanted content. It also markets WebTitan, an easy to install, easy to manage and highly secure web monitoring solution. Although the company has clients in over 100 countries worldwide, 60 per cent of the customer base is in the USA.


© Copyright 2011 Auerbach Publications