SlideShare a Scribd company logo

Sophos social-media-wpna

Darlene Ford, MBA, PMI
Darlene Ford, MBA, PMI
TechnologyBusiness
1 of 6
Download to read offline
Social media in the enterprise: Great opportunities, great security risks Just as consumerization drove the iPhone’s rapid growth from a consumer device to an enterprise business tool, social media, too, is being embraced as an indispensable business tool. However, as social media is organically adopted for a growing array of uses, are its security challenges receiving the necessary scrutiny? This white paper examines the transformative business effects of this technology, explores its evolution and presents ways businesses can realize its full benefits while avoiding potentially serious pitfalls. A Sophos white paper June 2010
A Sophos white paper Social media in the enterprise: Great opportunities, great security risks Social media in the enterprise: Great opportunities, great security risks Social media arrives as an enterprise tool Securing enterprise social media Initially, social media use within enterprises was Given its origins, enterprise users might have seen as a distraction, a timewaster and a business concerns about security when deploying social drain as employees used work PCs and business media. According to a Sophos survey conducted time to update their personal Facebook accounts in December 2009, 60% of respondents believe and stay up to date with their peers’ activities. that Facebook presents the biggest security risk of Over time, some organizations became concerned the social networking sites, significantly ahead of about the loss of productivity; and because of MySpace, Twitter and LinkedIn. this threat, some even started blocking social networking sites. For others, simply imposing a blanket block was impractical. These organizations understood that banning these sites could pose a greater risk as some users would find ways to circumvent the ban to access these applications. These organizations also see value in social media sites and use it for quick updates among work groups, with tags and postings effectively replacing the traditional, more formal corporate communications infrastructure. Many enterprises are aggressively driving this shift to bring velocity and openness to communications, This survey also cited a 70% rise in the proportion and many organizations are adopting it. of firms that report encountering spam and malware attacks via social networks during 2009. Salesforce.com has pulled Facebook profiles into More than half of all companies surveyed said they its CRM offerings. LinkedIn has been plugged had received spam via social networking sites, and into Lotus Notes, providing direct integration over a third said they had received malware. with email. Twitter is broadly integrated into a 33.4% variety of dashboards commonly used in the Spammed? enterprise. Facebook alone boasts more than 57% 700,000 business accounts. The web app/thick 21% app mashups (combining two or more applications Phished? together to create a new derivative) have begun, 30% and with them comes a whole new world of opportunity and an interesting challenge in 21.2% Send Mallware? managing security. However, with such large and 36% widely used applications starting this integration, enterprise use is bound to accelerate further. Apr 2009 Dec 2009 1
A Sophos white paper Social media in the enterprise: Great opportunities, great security risks Furthermore, more than 72% of firms believe 1. Familiarize yourself with your that employees’ behavior on social networking organization’s social media policy so you sites could endanger their business’s security—an don’t inadvertently break the rules. increase from 66% in the previous study. The number of businesses that were targets for spam, 2. Choose sensible, strong, hard-to-guess phishing and malware via social networking sites passwords. Use at least 14 characters increased dramatically, with spam showing the and mix in upper- and lowercase letters, sharpest rise from 33.4% in April to 57% in numbers and symbols. December (Source: Sophos Security Threat Report: 2010). 3. Social networking sites are, by design, dependent on a large number of users. Always review default settings and avoid providing personal information such as your date of birth, mobile numbers and travel plans whenever possible. 4. Do not post images, pictures or information that might embarrass you, your company or your customers. 5. Avoid treating social networking sites as personal diaries. Assume that everyone including your boss, your family, your friends and your enemies can read whatever you post. This shows that malware authors and hackers go 6. Malware authors, spammers and wherever there is a captive audience. It is the real- phishers are increasingly active on social time, rich nature of these applications that attracts networking sites, and their methods are individuals, enterprises and hackers. As with other not always obvious. Be sure to visit these online activities, malware and hacking on social sites from a fully protected computer or media sites raise the risks of social engineering— device. getting users to run a program they should not, participate in a fake scheme or provide personally 7. Never click on links just because you identifiable information. Social media platforms are know the sender; malware will infect a by their very nature a target for malicious activity; user and then automatically fire itself out they provide direct access to victims in a rich, under their name to all their contacts. relatively open environment. 8. Be wary of spammers trying to connect Because of this, social media providers and users with you by sending invitations. If you must be vigilant about security as they work to don’t know the sender, the best thing to make it a sustainable and useful tool: do is ignore the request. 2
A Sophos white paper Social media in the enterprise: Great opportunities, great security risks Social networks need to be more proactive • Contacts: No longer just an address regarding security to ensure users are safe and are book in your PC or a few saved numbers not misusing functionality. They should: on a phone, this is now a portable list of everyone you regularly communicate 1. Regularly and diligently scan links, with, organized according to the various content and messages that are shared business groups you belong to. It’s between users. Doing so will help similar to how you may group your list of determine if they are, for example, spam, friends by common interests, activities or malware or a phishing scam. locations. 2. Educate users about the attacks that • Activities: Activities are similar to your can happen online, and provide security personal interests, but with more of awareness pages that help alert users to a business slant. These include your the latest threats. preferred information sources, whom you contact regularly and what you read. 3. Enforce the use of sensible non-dictionary passwords. Standards for sharing contacts, activities and other data types are currently in development. Although 4. Block repeated attempts to guess this holds promise for improved applications passwords by increasing delay time. control, it also challenges organizations to develop Doing so will prevent brute-force attacks a business model that affords users the ability to against passwords. use these sites while protecting their personally identifiable information. So the question remains, how do organizations create these models? Future social media capabilities to proliferate use The industry has done a great deal of work in this area, and more is needed to deliver consistent, Social media also is transforming common trustworthy enterprise use. Enterprise security business functions, including: policies and global data protection policies should be reviewed, refreshed and monitored consistently • Authentication: Today’s social media to keep pace with evolving technology. Social platforms feature data and application media providers must make education a priority controls, which users should follow and keep users up to date on the potential risks to ensure appropriate security. In a associated with social networking use. Most world where services are increasingly importantly, a set of standards and tools must be accessible via standard APIs, permissions developed to help rein in potential threats and and authentication should be a critical keep social networking users out of harm’s way. requirement, but at this point they are not. • Identity: Identity is often considered to be synonymous with authentication—but identity is more than just a username and password. Many social media sites share this personal identifying information with the entire social networking community. 3
A Sophos white paper Social media in the enterprise: Great opportunities, great security risks At Sophos, we’ve focused on the importance of Enterprises should expect strong integration of simplicity and enablement. Although an invisible social media in their environments, both as a tool security product sounds unusual, it is consistent to talk to the world and through direct integration with our goal of avoiding user disruption. As for with corporate applications. Consumerization could social media, the benefits are there, enterprises drive such technology in the enterprise organically, are willing—and someone needs to take a visible without recognition by the security staff. Planning stance. Even more fundamentally, we all need to for such integration and being ready to manage explore the vast implications of flexibility versus the process of adoption with risk management is security in our hugely connected world. critical. The most significant risk is usually the unplanned, mass-adopted behavior or technology change. Conclusion Social media is evolving at breakneck speed. There are huge benefits to be realized from the use of these technologies in the enterprise, such as enabling better collaboration and networking than ever before. These technologies will result in greater connectivity, greater integration and greater value through collaboration. 4
A Sophos white paper Social media in the enterprise: Great opportunities, great security risks Boston, USA | Oxford, UK © Copyright 2010. Sophos. All registered trademarks and copyrights are understood and recognized by Sophos. No part of this publication may be reproduced, stored in a retrieval system, or transmitted by any form or by any means without the prior written permission of the publishers.

Recommended

Sophos Security Threat Report Jan 2010 Wpna
Sophos Security Threat Report Jan 2010 WpnaSophos Security Threat Report Jan 2010 Wpna
Sophos Security Threat Report Jan 2010 Wpnadelamm2
 
On The Business of social media
On The Business of social media On The Business of social media
On The Business of social media Doug Winfield
 
Social Media: Embracing the Opportunities, Averting the Risks Whitepaper
Social Media: Embracing the Opportunities, Averting the Risks WhitepaperSocial Media: Embracing the Opportunities, Averting the Risks Whitepaper
Social Media: Embracing the Opportunities, Averting the Risks WhitepaperElizabeth Lupfer
 
Defense Acquisition Enterprise 2.0 Article
Defense Acquisition Enterprise 2.0 ArticleDefense Acquisition Enterprise 2.0 Article
Defense Acquisition Enterprise 2.0 ArticlePete Modigliani
 
TOP-10 Need-to-knows About Social Networking And Where It Is Headed.pdf
TOP-10 Need-to-knows About Social Networking And Where It Is Headed.pdfTOP-10 Need-to-knows About Social Networking And Where It Is Headed.pdf
TOP-10 Need-to-knows About Social Networking And Where It Is Headed.pdfЕвгений Храмов
 
It’s a Social World: Top 10 Need-to-Knows About Social Networking and Where I...
It’s a Social World: Top 10 Need-to-Knows About Social Networking and Where I...It’s a Social World: Top 10 Need-to-Knows About Social Networking and Where I...
It’s a Social World: Top 10 Need-to-Knows About Social Networking and Where I...Ryan Green
 
E Usoc Med Wp 05 Ww Lo Rez Rev
E Usoc Med Wp 05 Ww Lo Rez RevE Usoc Med Wp 05 Ww Lo Rez Rev
E Usoc Med Wp 05 Ww Lo Rez RevMarian Salzman
 
Social media apps white paper aug 2010 1
Social media apps white paper aug 2010 1Social media apps white paper aug 2010 1
Social media apps white paper aug 2010 1Regina Caffey
 

Recommended

Sophos Security Threat Report Jan 2010 Wpna
Sophos Security Threat Report Jan 2010 WpnaSophos Security Threat Report Jan 2010 Wpna
Sophos Security Threat Report Jan 2010 Wpnadelamm2
 
On The Business of social media
On The Business of social media On The Business of social media
On The Business of social media Doug Winfield
 
Social Media: Embracing the Opportunities, Averting the Risks Whitepaper
Social Media: Embracing the Opportunities, Averting the Risks WhitepaperSocial Media: Embracing the Opportunities, Averting the Risks Whitepaper
Social Media: Embracing the Opportunities, Averting the Risks WhitepaperElizabeth Lupfer
 
Defense Acquisition Enterprise 2.0 Article
Defense Acquisition Enterprise 2.0 ArticleDefense Acquisition Enterprise 2.0 Article
Defense Acquisition Enterprise 2.0 ArticlePete Modigliani
 
TOP-10 Need-to-knows About Social Networking And Where It Is Headed.pdf
TOP-10 Need-to-knows About Social Networking And Where It Is Headed.pdfTOP-10 Need-to-knows About Social Networking And Where It Is Headed.pdf
TOP-10 Need-to-knows About Social Networking And Where It Is Headed.pdfЕвгений Храмов
 
It’s a Social World: Top 10 Need-to-Knows About Social Networking and Where I...
It’s a Social World: Top 10 Need-to-Knows About Social Networking and Where I...It’s a Social World: Top 10 Need-to-Knows About Social Networking and Where I...
It’s a Social World: Top 10 Need-to-Knows About Social Networking and Where I...Ryan Green
 
E Usoc Med Wp 05 Ww Lo Rez Rev
E Usoc Med Wp 05 Ww Lo Rez RevE Usoc Med Wp 05 Ww Lo Rez Rev
E Usoc Med Wp 05 Ww Lo Rez RevMarian Salzman
 
Social media apps white paper aug 2010 1
Social media apps white paper aug 2010 1Social media apps white paper aug 2010 1
Social media apps white paper aug 2010 1Regina Caffey
 
Kaplan & Haenlein - The early bird catches the news nine things you should kn...
Kaplan & Haenlein - The early bird catches the news nine things you should kn...Kaplan & Haenlein - The early bird catches the news nine things you should kn...
Kaplan & Haenlein - The early bird catches the news nine things you should kn...ESCP Exchange
 
Kaplan & Haenlein - Users of the world, unite - the challenges and opportunit...
Kaplan & Haenlein - Users of the world, unite - the challenges and opportunit...Kaplan & Haenlein - Users of the world, unite - the challenges and opportunit...
Kaplan & Haenlein - Users of the world, unite - the challenges and opportunit...ESCP Exchange
 
Social Mobile User Engagement 2011
Social Mobile User Engagement 2011Social Mobile User Engagement 2011
Social Mobile User Engagement 2011Cuong Pham
 
Comscore Top 10 need-to-knows about social networking_and_where_it_is_headed
Comscore Top 10 need-to-knows about social networking_and_where_it_is_headedComscore Top 10 need-to-knows about social networking_and_where_it_is_headed
Comscore Top 10 need-to-knows about social networking_and_where_it_is_headedBrian Crotty
 
Top 10 Need-to-Knows About Social Networking and Where It’s Headed (ComScore)...
Top 10 Need-to-Knows About Social Networking and Where It’s Headed (ComScore)...Top 10 Need-to-Knows About Social Networking and Where It’s Headed (ComScore)...
Top 10 Need-to-Knows About Social Networking and Where It’s Headed (ComScore)...Retelur Marketing
 
Top 10 Need To Knows About Social Networking and Where It Is Headed
Top 10 Need To Knows About Social Networking and Where It Is HeadedTop 10 Need To Knows About Social Networking and Where It Is Headed
Top 10 Need To Knows About Social Networking and Where It Is HeadedTommy Toy
 
Top 10 need-to-knows_about_social_networking_and_where_it_is_headed
Top 10 need-to-knows_about_social_networking_and_where_it_is_headedTop 10 need-to-knows_about_social_networking_and_where_it_is_headed
Top 10 need-to-knows_about_social_networking_and_where_it_is_headedBonfire Marketing Company
 
Mobile wp
Mobile wpMobile wp
Mobile wpPaulo Lopes
 
Recruiter Report 2012
Recruiter Report 2012Recruiter Report 2012
Recruiter Report 2012dhoncu
 
Security essentials for CIOs - Navigating the risks and rewards of social media
Security essentials for CIOs - Navigating the risks and rewards of social mediaSecurity essentials for CIOs - Navigating the risks and rewards of social media
Security essentials for CIOs - Navigating the risks and rewards of social mediaJoao Perez
 
3852 Socialnetworking Bk
3852 Socialnetworking Bk3852 Socialnetworking Bk
3852 Socialnetworking BkLeo Greeley
 
Introduction into Social Media
Introduction into Social MediaIntroduction into Social Media
Introduction into Social Mediastudente1000
 
Top 10 need-to-knows_about_social_networking_and_where_it_is_headed.pdf
Top 10 need-to-knows_about_social_networking_and_where_it_is_headed.pdfTop 10 need-to-knows_about_social_networking_and_where_it_is_headed.pdf
Top 10 need-to-knows_about_social_networking_and_where_it_is_headed.pdfnich_marketing
 
Bullhorn Reach: 2012 Activity Report | Social Media Recruiting
Bullhorn Reach: 2012 Activity Report | Social Media RecruitingBullhorn Reach: 2012 Activity Report | Social Media Recruiting
Bullhorn Reach: 2012 Activity Report | Social Media RecruitingSteven Duque
 
A3 cecconi
A3 cecconiA3 cecconi
A3 cecconimalealone
 
KGA for CCBF - Corporate reputation and social media
KGA for CCBF - Corporate reputation and social mediaKGA for CCBF - Corporate reputation and social media
KGA for CCBF - Corporate reputation and social mediaWalter Jennings
 
The Fortune 500 Blogging Index
The Fortune 500 Blogging IndexThe Fortune 500 Blogging Index
The Fortune 500 Blogging IndexBurson-Marsteller Schweiz
 
Mapping The Consequences Of Technology On Public Relations
Mapping The Consequences Of Technology On Public RelationsMapping The Consequences Of Technology On Public Relations
Mapping The Consequences Of Technology On Public Relationsmctripletwo
 
Mapping The Consequences Of Technology On Public Relations
Mapping The Consequences Of Technology On Public RelationsMapping The Consequences Of Technology On Public Relations
Mapping The Consequences Of Technology On Public Relationsmctripletwo
 
Organigrama Melany
Organigrama MelanyOrganigrama Melany
Organigrama MelanyMélany López Ramírez
 
CALIBAN WOMAN
CALIBAN WOMANCALIBAN WOMAN
CALIBAN WOMANmichela petrali
 
LE SARTE PETTEGOLE
LE SARTE PETTEGOLELE SARTE PETTEGOLE
LE SARTE PETTEGOLEmichela petrali
 

More Related Content

What's hot

Kaplan & Haenlein - The early bird catches the news nine things you should kn...
Kaplan & Haenlein - The early bird catches the news nine things you should kn...Kaplan & Haenlein - The early bird catches the news nine things you should kn...
Kaplan & Haenlein - The early bird catches the news nine things you should kn...ESCP Exchange
 
Kaplan & Haenlein - Users of the world, unite - the challenges and opportunit...
Kaplan & Haenlein - Users of the world, unite - the challenges and opportunit...Kaplan & Haenlein - Users of the world, unite - the challenges and opportunit...
Kaplan & Haenlein - Users of the world, unite - the challenges and opportunit...ESCP Exchange
 
Social Mobile User Engagement 2011
Social Mobile User Engagement 2011Social Mobile User Engagement 2011
Social Mobile User Engagement 2011Cuong Pham
 
Comscore Top 10 need-to-knows about social networking_and_where_it_is_headed
Comscore Top 10 need-to-knows about social networking_and_where_it_is_headedComscore Top 10 need-to-knows about social networking_and_where_it_is_headed
Comscore Top 10 need-to-knows about social networking_and_where_it_is_headedBrian Crotty
 
Top 10 Need-to-Knows About Social Networking and Where It’s Headed (ComScore)...
Top 10 Need-to-Knows About Social Networking and Where It’s Headed (ComScore)...Top 10 Need-to-Knows About Social Networking and Where It’s Headed (ComScore)...
Top 10 Need-to-Knows About Social Networking and Where It’s Headed (ComScore)...Retelur Marketing
 
Top 10 Need To Knows About Social Networking and Where It Is Headed
Top 10 Need To Knows About Social Networking and Where It Is HeadedTop 10 Need To Knows About Social Networking and Where It Is Headed
Top 10 Need To Knows About Social Networking and Where It Is HeadedTommy Toy
 
Top 10 need-to-knows_about_social_networking_and_where_it_is_headed
Top 10 need-to-knows_about_social_networking_and_where_it_is_headedTop 10 need-to-knows_about_social_networking_and_where_it_is_headed
Top 10 need-to-knows_about_social_networking_and_where_it_is_headedBonfire Marketing Company
 
Recruiter Report 2012
Recruiter Report 2012Recruiter Report 2012
Recruiter Report 2012dhoncu
 
Security essentials for CIOs - Navigating the risks and rewards of social media
Security essentials for CIOs - Navigating the risks and rewards of social mediaSecurity essentials for CIOs - Navigating the risks and rewards of social media
Security essentials for CIOs - Navigating the risks and rewards of social mediaJoao Perez
 
3852 Socialnetworking Bk
3852 Socialnetworking Bk3852 Socialnetworking Bk
3852 Socialnetworking BkLeo Greeley
 
Introduction into Social Media
Introduction into Social MediaIntroduction into Social Media
Introduction into Social Mediastudente1000
 
Top 10 need-to-knows_about_social_networking_and_where_it_is_headed.pdf
Top 10 need-to-knows_about_social_networking_and_where_it_is_headed.pdfTop 10 need-to-knows_about_social_networking_and_where_it_is_headed.pdf
Top 10 need-to-knows_about_social_networking_and_where_it_is_headed.pdfnich_marketing
 
Bullhorn Reach: 2012 Activity Report | Social Media Recruiting
Bullhorn Reach: 2012 Activity Report | Social Media RecruitingBullhorn Reach: 2012 Activity Report | Social Media Recruiting
Bullhorn Reach: 2012 Activity Report | Social Media RecruitingSteven Duque
 
KGA for CCBF - Corporate reputation and social media
KGA for CCBF - Corporate reputation and social mediaKGA for CCBF - Corporate reputation and social media
KGA for CCBF - Corporate reputation and social mediaWalter Jennings
 
Mapping The Consequences Of Technology On Public Relations
Mapping The Consequences Of Technology On Public RelationsMapping The Consequences Of Technology On Public Relations
Mapping The Consequences Of Technology On Public Relationsmctripletwo
 
Mapping The Consequences Of Technology On Public Relations
Mapping The Consequences Of Technology On Public RelationsMapping The Consequences Of Technology On Public Relations
Mapping The Consequences Of Technology On Public Relationsmctripletwo
 

What's hot (19)

Kaplan & Haenlein - The early bird catches the news nine things you should kn...
Kaplan & Haenlein - The early bird catches the news nine things you should kn...Kaplan & Haenlein - The early bird catches the news nine things you should kn...
Kaplan & Haenlein - The early bird catches the news nine things you should kn...
 
Kaplan & Haenlein - Users of the world, unite - the challenges and opportunit...
Kaplan & Haenlein - Users of the world, unite - the challenges and opportunit...Kaplan & Haenlein - Users of the world, unite - the challenges and opportunit...
Kaplan & Haenlein - Users of the world, unite - the challenges and opportunit...
 
Social Mobile User Engagement 2011
Social Mobile User Engagement 2011Social Mobile User Engagement 2011
Social Mobile User Engagement 2011
 
Comscore Top 10 need-to-knows about social networking_and_where_it_is_headed
Comscore Top 10 need-to-knows about social networking_and_where_it_is_headedComscore Top 10 need-to-knows about social networking_and_where_it_is_headed
Comscore Top 10 need-to-knows about social networking_and_where_it_is_headed
 
Top 10 Need-to-Knows About Social Networking and Where It’s Headed (ComScore)...
Top 10 Need-to-Knows About Social Networking and Where It’s Headed (ComScore)...Top 10 Need-to-Knows About Social Networking and Where It’s Headed (ComScore)...
Top 10 Need-to-Knows About Social Networking and Where It’s Headed (ComScore)...
 
Top 10 Need To Knows About Social Networking and Where It Is Headed
Top 10 Need To Knows About Social Networking and Where It Is HeadedTop 10 Need To Knows About Social Networking and Where It Is Headed
Top 10 Need To Knows About Social Networking and Where It Is Headed
 
Top 10 need-to-knows_about_social_networking_and_where_it_is_headed
Top 10 need-to-knows_about_social_networking_and_where_it_is_headedTop 10 need-to-knows_about_social_networking_and_where_it_is_headed
Top 10 need-to-knows_about_social_networking_and_where_it_is_headed
 
Mobile wp
Mobile wpMobile wp
Mobile wp
 
Recruiter Report 2012
Recruiter Report 2012Recruiter Report 2012
Recruiter Report 2012
 
Security essentials for CIOs - Navigating the risks and rewards of social media
Security essentials for CIOs - Navigating the risks and rewards of social mediaSecurity essentials for CIOs - Navigating the risks and rewards of social media
Security essentials for CIOs - Navigating the risks and rewards of social media
 
3852 Socialnetworking Bk
3852 Socialnetworking Bk3852 Socialnetworking Bk
3852 Socialnetworking Bk
 
Introduction into Social Media
Introduction into Social MediaIntroduction into Social Media
Introduction into Social Media
 
Top 10 need-to-knows_about_social_networking_and_where_it_is_headed.pdf
Top 10 need-to-knows_about_social_networking_and_where_it_is_headed.pdfTop 10 need-to-knows_about_social_networking_and_where_it_is_headed.pdf
Top 10 need-to-knows_about_social_networking_and_where_it_is_headed.pdf
 
Bullhorn Reach: 2012 Activity Report | Social Media Recruiting
Bullhorn Reach: 2012 Activity Report | Social Media RecruitingBullhorn Reach: 2012 Activity Report | Social Media Recruiting
Bullhorn Reach: 2012 Activity Report | Social Media Recruiting
 
A3 cecconi
A3 cecconiA3 cecconi
A3 cecconi
 
KGA for CCBF - Corporate reputation and social media
KGA for CCBF - Corporate reputation and social mediaKGA for CCBF - Corporate reputation and social media
KGA for CCBF - Corporate reputation and social media
 
The Fortune 500 Blogging Index
The Fortune 500 Blogging IndexThe Fortune 500 Blogging Index
The Fortune 500 Blogging Index
 
Mapping The Consequences Of Technology On Public Relations
Mapping The Consequences Of Technology On Public RelationsMapping The Consequences Of Technology On Public Relations
Mapping The Consequences Of Technology On Public Relations
 
Mapping The Consequences Of Technology On Public Relations
Mapping The Consequences Of Technology On Public RelationsMapping The Consequences Of Technology On Public Relations
Mapping The Consequences Of Technology On Public Relations
 

Viewers also liked

Pakistan Before n After Final V2
Pakistan Before n After Final V2Pakistan Before n After Final V2
Pakistan Before n After Final V2umairkhan1000
 
11.kelemahan dalam pembentangan & penambahbaikan
11.kelemahan dalam pembentangan & penambahbaikan11.kelemahan dalam pembentangan & penambahbaikan
11.kelemahan dalam pembentangan & penambahbaikanDewi Hiu Iskandar Hiu
 
Marco conceptual
Marco conceptualMarco conceptual
Marco conceptualfelipe
 
Marco conceptual
Marco conceptualMarco conceptual
Marco conceptualfelipe
 
Marco conceptual
Marco conceptualMarco conceptual
Marco conceptualfelipe
 
Comparative study on cotton, polyester and tencel
Comparative study on cotton, polyester and tencelComparative study on cotton, polyester and tencel
Comparative study on cotton, polyester and tencelLakshoni Swamivel
 

Viewers also liked (18)

Organigrama Melany
Organigrama MelanyOrganigrama Melany
Organigrama Melany
 
CALIBAN WOMAN
CALIBAN WOMANCALIBAN WOMAN
CALIBAN WOMAN
 
LE SARTE PETTEGOLE
LE SARTE PETTEGOLELE SARTE PETTEGOLE
LE SARTE PETTEGOLE
 
GUGLIELMINOTTI man
GUGLIELMINOTTI manGUGLIELMINOTTI man
GUGLIELMINOTTI man
 
DNL
DNLDNL
DNL
 
GRUPPOMATTEI
GRUPPOMATTEIGRUPPOMATTEI
GRUPPOMATTEI
 
Pakistan Before n After Final V2
Pakistan Before n After Final V2Pakistan Before n After Final V2
Pakistan Before n After Final V2
 
GUGLIELMINOTTI woman
GUGLIELMINOTTI womanGUGLIELMINOTTI woman
GUGLIELMINOTTI woman
 
CALIBAN MAN
CALIBAN MANCALIBAN MAN
CALIBAN MAN
 
Dynamics Of Gdp
Dynamics Of GdpDynamics Of Gdp
Dynamics Of Gdp
 
Year 2 Camp
Year 2 CampYear 2 Camp
Year 2 Camp
 
11.kelemahan dalam pembentangan & penambahbaikan
11.kelemahan dalam pembentangan & penambahbaikan11.kelemahan dalam pembentangan & penambahbaikan
11.kelemahan dalam pembentangan & penambahbaikan
 
Marco conceptual
Marco conceptualMarco conceptual
Marco conceptual
 
Paths
PathsPaths
Paths
 
Medi tech
Medi techMedi tech
Medi tech
 
Marco conceptual
Marco conceptualMarco conceptual
Marco conceptual
 
Marco conceptual
Marco conceptualMarco conceptual
Marco conceptual
 
Comparative study on cotton, polyester and tencel
Comparative study on cotton, polyester and tencelComparative study on cotton, polyester and tencel
Comparative study on cotton, polyester and tencel
 

Similar to Sophos social-media-wpna

Social Media & Enterprise Security Whitepaper
Social Media & Enterprise Security WhitepaperSocial Media & Enterprise Security Whitepaper
Social Media & Enterprise Security WhitepaperSchleighS
 
Balancing Security & Authencity Final
Balancing Security & Authencity FinalBalancing Security & Authencity Final
Balancing Security & Authencity FinalCindy Kim
 
It consumerisation presentation
It consumerisation presentationIt consumerisation presentation
It consumerisation presentationrevaathey
 
It consumerisation presentation
It consumerisation presentationIt consumerisation presentation
It consumerisation presentationrevaathey
 
Unisys social computing services nov2012
Unisys social computing services nov2012Unisys social computing services nov2012
Unisys social computing services nov2012Unisys Corporation
 
Social media Risk Management Presentation Sample (Animations don't work in sl...
Social media Risk Management Presentation Sample (Animations don't work in sl...Social media Risk Management Presentation Sample (Animations don't work in sl...
Social media Risk Management Presentation Sample (Animations don't work in sl...Alexander Larsen
 
Social Media Balancing Security & Authenticity without Controlling the Message
Social Media Balancing Security & Authenticity without Controlling the MessageSocial Media Balancing Security & Authenticity without Controlling the Message
Social Media Balancing Security & Authenticity without Controlling the MessageCindy Kim
 
DLA Piper Social media report 2011
DLA Piper Social media report 2011DLA Piper Social media report 2011
DLA Piper Social media report 2011Alexander Krastev
 
Social Networking In The Workplace Public Version
Social Networking In The Workplace Public VersionSocial Networking In The Workplace Public Version
Social Networking In The Workplace Public VersionBolin Digital
 
Understanding Social Platforms by Version One Ventures
Understanding Social Platforms by Version One VenturesUnderstanding Social Platforms by Version One Ventures
Understanding Social Platforms by Version One VenturesAngela Tran Kingyens
 
Presentación - Protecting your Employess, Customers, and Investments in the A...
Presentación - Protecting your Employess, Customers, and Investments in the A...Presentación - Protecting your Employess, Customers, and Investments in the A...
Presentación - Protecting your Employess, Customers, and Investments in the A...Interlat
 
2013 Mobile Application Security Survey
2013 Mobile Application Security Survey2013 Mobile Application Security Survey
2013 Mobile Application Security SurveyBee_Ware
 
Social Networking in the Business World: A Strategic Approach
Social Networking in the Business World: A Strategic ApproachSocial Networking in the Business World: A Strategic Approach
Social Networking in the Business World: A Strategic Approachlinkedinlion11
 
Social Media for Human Resources - Hire, Retain and Leverage Employees
Social Media for Human Resources - Hire, Retain and Leverage EmployeesSocial Media for Human Resources - Hire, Retain and Leverage Employees
Social Media for Human Resources - Hire, Retain and Leverage EmployeesBryce Maddock
 
Mcafee web20-balancingact
Mcafee web20-balancingactMcafee web20-balancingact
Mcafee web20-balancingactDigital Pymes
 
Case 18Social Networking and Social ResponsibilityThe Beginn.docx
Case 18Social Networking and Social ResponsibilityThe Beginn.docxCase 18Social Networking and Social ResponsibilityThe Beginn.docx
Case 18Social Networking and Social ResponsibilityThe Beginn.docxannandleola
 
Huddle Webinar - Engaging your workforce with social media tools
Huddle Webinar - Engaging your workforce with social media toolsHuddle Webinar - Engaging your workforce with social media tools
Huddle Webinar - Engaging your workforce with social media toolsAndy McLoughlin
 

Similar to Sophos social-media-wpna (20)

Social Media & Enterprise Security Whitepaper
Social Media & Enterprise Security WhitepaperSocial Media & Enterprise Security Whitepaper
Social Media & Enterprise Security Whitepaper
 
Balancing Security & Authencity Final
Balancing Security & Authencity FinalBalancing Security & Authencity Final
Balancing Security & Authencity Final
 
Social Media and Identity
Social Media and IdentitySocial Media and Identity
Social Media and Identity
 
Social Media and Identity
Social Media and IdentitySocial Media and Identity
Social Media and Identity
 
It consumerisation presentation
It consumerisation presentationIt consumerisation presentation
It consumerisation presentation
 
It consumerisation presentation
It consumerisation presentationIt consumerisation presentation
It consumerisation presentation
 
Unisys social computing services nov2012
Unisys social computing services nov2012Unisys social computing services nov2012
Unisys social computing services nov2012
 
Social media Risk Management Presentation Sample (Animations don't work in sl...
Social media Risk Management Presentation Sample (Animations don't work in sl...Social media Risk Management Presentation Sample (Animations don't work in sl...
Social media Risk Management Presentation Sample (Animations don't work in sl...
 
Social Media Balancing Security & Authenticity without Controlling the Message
Social Media Balancing Security & Authenticity without Controlling the MessageSocial Media Balancing Security & Authenticity without Controlling the Message
Social Media Balancing Security & Authenticity without Controlling the Message
 
DLA Piper Social media report 2011
DLA Piper Social media report 2011DLA Piper Social media report 2011
DLA Piper Social media report 2011
 
Social Networking In The Workplace Public Version
Social Networking In The Workplace Public VersionSocial Networking In The Workplace Public Version
Social Networking In The Workplace Public Version
 
Understanding Social Platforms by Version One Ventures
Understanding Social Platforms by Version One VenturesUnderstanding Social Platforms by Version One Ventures
Understanding Social Platforms by Version One Ventures
 
Presentación - Protecting your Employess, Customers, and Investments in the A...
Presentación - Protecting your Employess, Customers, and Investments in the A...Presentación - Protecting your Employess, Customers, and Investments in the A...
Presentación - Protecting your Employess, Customers, and Investments in the A...
 
2013 Mobile Application Security Survey
2013 Mobile Application Security Survey2013 Mobile Application Security Survey
2013 Mobile Application Security Survey
 
Web2.0 report McAfee
Web2.0 report McAfeeWeb2.0 report McAfee
Web2.0 report McAfee
 
Social Networking in the Business World: A Strategic Approach
Social Networking in the Business World: A Strategic ApproachSocial Networking in the Business World: A Strategic Approach
Social Networking in the Business World: A Strategic Approach
 
Social Media for Human Resources - Hire, Retain and Leverage Employees
Social Media for Human Resources - Hire, Retain and Leverage EmployeesSocial Media for Human Resources - Hire, Retain and Leverage Employees
Social Media for Human Resources - Hire, Retain and Leverage Employees
 
Mcafee web20-balancingact
Mcafee web20-balancingactMcafee web20-balancingact
Mcafee web20-balancingact
 
Case 18Social Networking and Social ResponsibilityThe Beginn.docx
Case 18Social Networking and Social ResponsibilityThe Beginn.docxCase 18Social Networking and Social ResponsibilityThe Beginn.docx
Case 18Social Networking and Social ResponsibilityThe Beginn.docx
 
Huddle Webinar - Engaging your workforce with social media tools
Huddle Webinar - Engaging your workforce with social media toolsHuddle Webinar - Engaging your workforce with social media tools
Huddle Webinar - Engaging your workforce with social media tools
 

Recently uploaded

A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilV3cube
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 

Recently uploaded (20)

A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 

Sophos social-media-wpna

  • 1. Social media in the enterprise: Great opportunities, great security risks Just as consumerization drove the iPhone’s rapid growth from a consumer device to an enterprise business tool, social media, too, is being embraced as an indispensable business tool. However, as social media is organically adopted for a growing array of uses, are its security challenges receiving the necessary scrutiny? This white paper examines the transformative business effects of this technology, explores its evolution and presents ways businesses can realize its full benefits while avoiding potentially serious pitfalls. A Sophos white paper June 2010
  • 2. A Sophos white paper Social media in the enterprise: Great opportunities, great security risks Social media in the enterprise: Great opportunities, great security risks Social media arrives as an enterprise tool Securing enterprise social media Initially, social media use within enterprises was Given its origins, enterprise users might have seen as a distraction, a timewaster and a business concerns about security when deploying social drain as employees used work PCs and business media. According to a Sophos survey conducted time to update their personal Facebook accounts in December 2009, 60% of respondents believe and stay up to date with their peers’ activities. that Facebook presents the biggest security risk of Over time, some organizations became concerned the social networking sites, significantly ahead of about the loss of productivity; and because of MySpace, Twitter and LinkedIn. this threat, some even started blocking social networking sites. For others, simply imposing a blanket block was impractical. These organizations understood that banning these sites could pose a greater risk as some users would find ways to circumvent the ban to access these applications. These organizations also see value in social media sites and use it for quick updates among work groups, with tags and postings effectively replacing the traditional, more formal corporate communications infrastructure. Many enterprises are aggressively driving this shift to bring velocity and openness to communications, This survey also cited a 70% rise in the proportion and many organizations are adopting it. of firms that report encountering spam and malware attacks via social networks during 2009. Salesforce.com has pulled Facebook profiles into More than half of all companies surveyed said they its CRM offerings. LinkedIn has been plugged had received spam via social networking sites, and into Lotus Notes, providing direct integration over a third said they had received malware. with email. Twitter is broadly integrated into a 33.4% variety of dashboards commonly used in the Spammed? enterprise. Facebook alone boasts more than 57% 700,000 business accounts. The web app/thick 21% app mashups (combining two or more applications Phished? together to create a new derivative) have begun, 30% and with them comes a whole new world of opportunity and an interesting challenge in 21.2% Send Mallware? managing security. However, with such large and 36% widely used applications starting this integration, enterprise use is bound to accelerate further. Apr 2009 Dec 2009 1
  • 3. A Sophos white paper Social media in the enterprise: Great opportunities, great security risks Furthermore, more than 72% of firms believe 1. Familiarize yourself with your that employees’ behavior on social networking organization’s social media policy so you sites could endanger their business’s security—an don’t inadvertently break the rules. increase from 66% in the previous study. The number of businesses that were targets for spam, 2. Choose sensible, strong, hard-to-guess phishing and malware via social networking sites passwords. Use at least 14 characters increased dramatically, with spam showing the and mix in upper- and lowercase letters, sharpest rise from 33.4% in April to 57% in numbers and symbols. December (Source: Sophos Security Threat Report: 2010). 3. Social networking sites are, by design, dependent on a large number of users. Always review default settings and avoid providing personal information such as your date of birth, mobile numbers and travel plans whenever possible. 4. Do not post images, pictures or information that might embarrass you, your company or your customers. 5. Avoid treating social networking sites as personal diaries. Assume that everyone including your boss, your family, your friends and your enemies can read whatever you post. This shows that malware authors and hackers go 6. Malware authors, spammers and wherever there is a captive audience. It is the real- phishers are increasingly active on social time, rich nature of these applications that attracts networking sites, and their methods are individuals, enterprises and hackers. As with other not always obvious. Be sure to visit these online activities, malware and hacking on social sites from a fully protected computer or media sites raise the risks of social engineering— device. getting users to run a program they should not, participate in a fake scheme or provide personally 7. Never click on links just because you identifiable information. Social media platforms are know the sender; malware will infect a by their very nature a target for malicious activity; user and then automatically fire itself out they provide direct access to victims in a rich, under their name to all their contacts. relatively open environment. 8. Be wary of spammers trying to connect Because of this, social media providers and users with you by sending invitations. If you must be vigilant about security as they work to don’t know the sender, the best thing to make it a sustainable and useful tool: do is ignore the request. 2
  • 4. A Sophos white paper Social media in the enterprise: Great opportunities, great security risks Social networks need to be more proactive • Contacts: No longer just an address regarding security to ensure users are safe and are book in your PC or a few saved numbers not misusing functionality. They should: on a phone, this is now a portable list of everyone you regularly communicate 1. Regularly and diligently scan links, with, organized according to the various content and messages that are shared business groups you belong to. It’s between users. Doing so will help similar to how you may group your list of determine if they are, for example, spam, friends by common interests, activities or malware or a phishing scam. locations. 2. Educate users about the attacks that • Activities: Activities are similar to your can happen online, and provide security personal interests, but with more of awareness pages that help alert users to a business slant. These include your the latest threats. preferred information sources, whom you contact regularly and what you read. 3. Enforce the use of sensible non-dictionary passwords. Standards for sharing contacts, activities and other data types are currently in development. Although 4. Block repeated attempts to guess this holds promise for improved applications passwords by increasing delay time. control, it also challenges organizations to develop Doing so will prevent brute-force attacks a business model that affords users the ability to against passwords. use these sites while protecting their personally identifiable information. So the question remains, how do organizations create these models? Future social media capabilities to proliferate use The industry has done a great deal of work in this area, and more is needed to deliver consistent, Social media also is transforming common trustworthy enterprise use. Enterprise security business functions, including: policies and global data protection policies should be reviewed, refreshed and monitored consistently • Authentication: Today’s social media to keep pace with evolving technology. Social platforms feature data and application media providers must make education a priority controls, which users should follow and keep users up to date on the potential risks to ensure appropriate security. In a associated with social networking use. Most world where services are increasingly importantly, a set of standards and tools must be accessible via standard APIs, permissions developed to help rein in potential threats and and authentication should be a critical keep social networking users out of harm’s way. requirement, but at this point they are not. • Identity: Identity is often considered to be synonymous with authentication—but identity is more than just a username and password. Many social media sites share this personal identifying information with the entire social networking community. 3
  • 5. A Sophos white paper Social media in the enterprise: Great opportunities, great security risks At Sophos, we’ve focused on the importance of Enterprises should expect strong integration of simplicity and enablement. Although an invisible social media in their environments, both as a tool security product sounds unusual, it is consistent to talk to the world and through direct integration with our goal of avoiding user disruption. As for with corporate applications. Consumerization could social media, the benefits are there, enterprises drive such technology in the enterprise organically, are willing—and someone needs to take a visible without recognition by the security staff. Planning stance. Even more fundamentally, we all need to for such integration and being ready to manage explore the vast implications of flexibility versus the process of adoption with risk management is security in our hugely connected world. critical. The most significant risk is usually the unplanned, mass-adopted behavior or technology change. Conclusion Social media is evolving at breakneck speed. There are huge benefits to be realized from the use of these technologies in the enterprise, such as enabling better collaboration and networking than ever before. These technologies will result in greater connectivity, greater integration and greater value through collaboration. 4
  • 6. A Sophos white paper Social media in the enterprise: Great opportunities, great security risks Boston, USA | Oxford, UK © Copyright 2010. Sophos. All registered trademarks and copyrights are understood and recognized by Sophos. No part of this publication may be reproduced, stored in a retrieval system, or transmitted by any form or by any means without the prior written permission of the publishers.