Social media platforms can cause a lot of information to leak from organizations. In this article we discuss some key steps that can act as a guard against it.
Social media is being touted as a great way to enhance your company’s visibility amongst your target audience, and to allow your own employees to interact with each other as well as the outside world. While the former requires a well-thought-out strategy, the latter requires careful monitoring and control because there are lots of hidden security issues with it. This is in addition to the fact that social media can reduce employee productivity and increase bandwidth costs, because just about everyone would be hooked on it.
There are lots of open communication channels in a company (email, SMS, phone, etc.) that can be used to leak information. But all of these can be monitored and the recipients tracked. That’s not the case with social media. If you announce something on Twitter, then all your followers will get it, and if they retweet it, all their followers will get it. If it was an interesting tweet, then it would be all over the Internet in a very short span of time. The same thing goes for any other social media platform, be it LinkedIn, Facebook, Orkut, etc. The moment information is made public, it can spread.
Most social media platforms have communities that host like-minded people. Microblogging through Twitter has inculcated a habit of posting all current activity online. Given the human tendency to boast about work, achievements and current status, employees might post critical information about a project they are working on. In this way, knowingly or unknowingly, the person has broadcast that information to the world. Those with malicious intent can use this loophole to lure people into disclosing important company information. Unless one is the admin of a particular online group, one does not have much say or control over the people joining it. Thus there is always the fear of the unknown.
So, as a first step, a company that has allowed access to social media must put down some rules of thumb about its usage. The next step would be to monitor its usage and enable selective access. Further on, one could completely ban access to social media. Some of the ways to do this are discussed below.
The other problem with allowing social media usage on the organization network is the set of technical vulnerabilities that come bundled with it. To remain in the public eye constantly, some organizations use third-party software like auto tweets. One can be sure of a particular account posting some information or a particular link. But what if somebody has hacked into the auto tweet system and posted a malicious link, which is now accessible to all through the “trusted” account?
The chances of one innocently clicking on a malicious link being propagated through a trusted account are very high.
Blocking access with ClearOS
We used an open source firewall and content filtering solution called ClearOS (PCQuest, March 2011, http://bit.ly/hPmgTm). It’s an open source gateway level server with content filtering, time-based access control to the Net, protocol filtering, anti-malware and intrusion detection.
ClearOS, like any other firewall, gives us the option of blocking a specific URL. By this, we mean that any website like www.facebook.com can be blocked by ClearOS. This is helpful if we have identified a specific set of websites which the company wants to block.
One can also block the IP/IP range of websites using the firewall. This is helpful as some of the popular social networking websites, such as Facebook, are mirrored over a range of IP addresses. Blocking this range would help block all possible IPs through which Facebook can be accessed. Also, if a particular IP has been harmful to a network (a hacking attempt through this IP), the admin can go ahead and block the range of IPs thus minimising the risk of another attack from a probable set of IPs in this range.
The firewall also gives us the option of blocking protocols. Many social media sites, like Facebook, allow users to use the HTTPS protocol instead of HTTP to access them. So if you’ve blocked Facebook on HTTP, employees might secretly use HTTPS. Now if you block HTTPS, you’ll also block access to a lot of other sites that might be required, e.g. banking sites. In such a case, you can try and use keyword filters to block the word facebook.
Blocking web proxies
Another way that people visit websites that are otherwise banned in organizations is through web proxies. You could access a web proxy, and browse the banned site through it. You have to check whether your firewall has rules to block well-known web proxies.
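To make the difference between the site, IP-range and keyword rules (and the web proxy gap) concrete, here is an added example that is not from the original article and is not ClearOS configuration. It is a small Python model of a gateway filter; the policy values, host names and sample requests are constructed, and it assumes a proxy that sees the full URL for HTTP but only the host name for HTTPS (CONNECT).

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed policy for illustration; none of these values come from ClearOS.
POLICY = {
    "sites": {"facebook.com"},                         # site/URL rule
    "nets": [ipaddress.ip_network("203.0.113.0/24")],  # IP-range rule (documentation range)
    "keywords": ("facebook",),                         # keyword rule
}

def visible_text(method, target):
    """Return (host, text the filter can inspect) for one proxied request."""
    if method == "CONNECT":                 # HTTPS: only "host:port" is visible
        host = target.rsplit(":", 1)[0].lower()
        return host, host
    host = (urlsplit(target).hostname or "").lower()
    return host, target.lower()             # plain HTTP: the whole URL is visible

def decide(method, target, dest_ip, policy=POLICY):
    """Return (verdict, matching rule) for one request."""
    host, text = visible_text(method, target)
    if any(host == s or host.endswith("." + s) for s in policy["sites"]):
        return ("BLOCK", "site")
    if any(ipaddress.ip_address(dest_ip) in n for n in policy["nets"]):
        return ("BLOCK", "ip-range")
    if any(k in text for k in policy["keywords"]):
        return ("BLOCK", "keyword")
    return ("ALLOW", None)

# Constructed sample requests: (method, target, destination IP)
SAMPLES = [
    ("GET", "http://www.facebook.com/home.php", "203.0.113.10"),
    ("CONNECT", "www.facebook.com:443", "203.0.113.10"),        # HTTPS, same site
    ("CONNECT", "login.othername.example:443", "203.0.113.77"), # unlisted name, listed range
    ("CONNECT", "netbanking.bank.example:443", "198.51.100.7"), # HTTPS that must keep working
    ("GET", "http://webproxy.example/browse?u=www.facebook.com", "192.0.2.50"),
    ("GET", "http://webproxy.example/", "192.0.2.50"),          # web proxy, nothing to match
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample[0], sample[1], "->", decide(*sample))
```

The last sample is allowed until the proxy's own host name is added to the site list, which is why the firewall needs rules for well-known web proxies.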