Welcome to the Proxy Update, your source of news and information on Proxies and their role in network security.

Monday, May 11, 2009

How can you handle risks that come with social networking?

Last week I wrote about one of a collection of seven pieces on Burning Security Questions published by Network World. I'm going to look at a second piece today on the risks that come with social networking.
Facebook, MySpace, Twitter are hard for your end-users to resist but can bring security dangers to your organization's network.

From the article:

[I]t comes with huge risks that range from identity theft to malware infections to the potential for letting reckless remarks damage corporate and personal reputations.

...

Jamie Gesswein, MIS network engineer at Children's Hospital of the King's Daughters in Norfolk, Va. ... still favors blocking general access to social-networking sites unless that access is really needed.

"Be careful of what you post," Gesswein says. "I know users who post anything on everything on these sites. It is at times almost a contest to see who can outdo whom."

He thinks social-networking enthusiasts may be missing the point that this posted information stays around for many years and could come back to haunt them if a job recruiter tries to find out about their digital past.

...

Gaby Dowling, manager for IT manager for international law firm Proskauer Rose, says there's a sound business argument for using social networking sites such as LinkedIn, but she worries about the potential for malware being spread by exploiting trust.

"The Koobface worm spread on Facebook was tricking you because you were receiving that from a trusted party," she points out.

"Social networking sites carry high risks of infecting systems with malware," says SystemExperts analyst Jonathan Gossels, who adds, "At a policy level, employees should not be visiting social-networking sites from production systems."
...

"A typical Facebook or MySpace user session ranges for a few minutes to tens of minutes so you could write an application that farms personally identifiable information," Schwartz said.


This is of course a good reminder not only to keep your end-user informed of the risks of social networking, but to make sure your secure web gateway proxy is up to date and running anti-malware protection to block attacks like the Koob face virus. The latest proxy technology should protect you from the malware threats found on social networking sites, but unfortunately won't protect your end-users from making bad decisions.

No comments: