by June 1, 2011 0 comments



Social media is being touted as a great way to enhance your company’s visibility amongst your target audience, and allow your own employees to interact with each other as well as the outside world. While the former requires a well thought out strategy, the latter requires careful monitoring and control because there are lots of hidden security issues with it. This is besides the fact that they can reduce employee productivity and increase bandwidth costs because just about everyone would be hooked onto them.

Applies To: CIOs
USP: Learn about the security threats from social media and how to block them
Primary Link: Security Case Studies: http://bit.ly/mCdLJv
Beef up your website security: http://bit.ly/mATtxg
Search Engine Keywords: Threats from social media, block social media

Social engineering

There are lots of open communication channels in a company–email, SMS, phone, etc that can be used to leak information. But, all of these can be monitored and the recipients tracked. That’s not the case with social media. If you announce something on Twitter, then all your followers will get it, and if they retweet it, all their followers will get it. If it was an interesting tweet, then it would be all over the Internet in a very short span of time. The same thing goes for any other social media platform, be it LinkedIn, Facebook, Orkut, etc.The moment an information is made public, it can spread.

Most social media platforms have communities that host to like minded people. Micro blogging through Twitter has inculcated a habit of posting all current activity online. As a human tendency to boast about their work, achievement and current status, employees might post critical information regarding a project etc that they are working on. In this way, knowingly or unknowingly, the person has broadcasted that info to the world. Those with malicious intent can utilize this loop hole to lure people to disclose important company information. Until and unless one is the admin for a particular online group, he does not have much say or control over the people joining it. Thus there is always the fear of the unknown.

So a company that has allowed access to social media must put down some thumb rules about its usage as a first step. Next step would be to monitor its usage and enable selective access. Further on, one could completely ban access to social media. Some of the ways to do this have been discussed later.



Technical vulnerabilities

The other problem with allowing social media usageon the organization network is some of the technicalvulnerabilities that come bundled with them. To re-main in the public eye constantly, some organizations use third party software like auto tweets. Onecan be sure of a particular account posting some in-formation or a particular link. But what if somebodyhas hacked into the auto tweet system and posted amalicious link which is accessible to all through the“trusted” account now.

[image_library_tag 780/65780, border=”0″ align=”middle” hspace=”4″ vspace=”4″ ,default]

The chances of one innocently licking on a maliciouslink being propagated through a trusted account arevery high.

Blocking access with ClearOS

We used an open source firewall and content filteringsolution called ClearOS (PCQuest, March 2011,http://bit.ly/hPmgTm). It’s an open source gatewaylevel server with content filtering, time-based accesscontrol to the Net, protocol filtering, anti-malware andintrusion detection.

URL blocking

ClearOS like any other firewall gives us the option ofblocking a specific URL. By this, we mean that anywebsite like www.facebook.com can be blocked byClearOS. This is helpful if we have identified a specificset of websites which the company wants to block.

IP blocking

One can also block the IP/IP range of websites usingthe firewall. This is helpful as some of the popular so-cial networking websites, such as Facebook, are mir-rored over a range of IP addresses. Blocking thisrange would help block all possible IPs through whichFacebook can be accessed. Also, if a particular IP hasbeen harmful to a network (a hacking attempt throughthis IP), the admin can go ahead and block the rangeof IPs thus minimizing the risk of another attack froma probable set of IPs in this range.

Protocol blocking

The firewall gives us an option of blocking protocolsalso. Many social media sites, like Facebook, allowusers to use the HTTPS protocol instead of HTTP toaccess it. So if you’ve blocked Facebook on HTTP, em-ployees might secretly use HTTPS. Now if you blockHTTPS, you’ll also block access to a lot of other sitesthat might be required, e.g. banking sites. In such acase, you can try and use keyword filters to block the word facebook.

Blocking web proxies

Another way that people visit websites that are other-wise banned in organizations are web proxies. Youcould access a web proxy, and browse the banned sitethrough it. You have to check whether your firewallhas rules to block well-known web proxies.

No Comments so far

Jump into a conversation

No Comments Yet!

You can be the one to start a conversation.

Your data will be safe!Your e-mail address will not be published. Also other data will not be shared with third person.