Social media is here to stay and the numbers are
growing. According to industry statistics, there
are 2.2 billion active Facebook users and 500
million users on LinkedIn. An average of 50% of
Facebook users log in to their accounts on a
daily basis. 900 million of the active users
access Facebook using mobile devices. These
mobile device users are twice as active as
non-mobile users.
Your organization's staff are most likely
users of social media services. This can put
your systems at risk when a computer user logged
on to your network is using a browser to access
social media sites. If the workstation gets
infected by social media malware, the user's
workstation can be used to launch higher level
attacks against the internal network. Malware
can also lead to information disclosure and a
loss of data integrity.
While some organizations attempt to manage
social media risks by blocking access to these
sites, security managers know that there are
legitimate business needs for access: a sales
department needs to post information about a new
product or service, management uses LinkedIn for
business and professional networking, etc.
Instead of blocking all access to social
media sites, Altius IT recommends a five-step
SMART approach to managing social media risks.
SMART Guide
Altius IT's SMART guide is a five-step approach
to managing social media risks.
Security - implement
security from the top down. Desktop systems and
mobile devices should have protection against
malware and other related threats. Segment your
network to minimize disruption should a user's
workstation be compromised.
Monitor - track user
activity and sites visited. If a user's
workstation becomes compromised after visiting a
social media site, record the event and use the
information to prevent other users from being
infected.
Administer - with over
150 major social media sites, your users are at
risk. Research and identify sites that contain
malware. Restrict and limit access to these
sites.
Reporting - report user
activity. Know the social media sites used by
your staff and ensure that there is a legitimate
business reason for accessing such sites.
Training - educate your
users about social media risks. Teach your users
not to click on HTML links on social media web
sites. Users of social media sites should have
passwords that are long and complex.
Resources
For more information on managing social media
risks, please see our Blog post
Social Engineering and Social Networking - Your
Users are a Target.
Network security audits help ensure the
organization's assets have the proper security
controls in place.
Social engineering security assessments help
protect your sensitive data and intellectual
property by evaluating and testing the
effectiveness of your employee security
education and awareness training.
Formal and documented policies ensure a
top-down approach to managing social media
related risks.
Tags: social media security | social
networking security | social networking threats
| social engineering security assessment