Social media in the enterprise: Great opportunities, great security risks

Just as consumerization drove the iPhone’s rapid growth from a consumer device to an enterprise business tool, social media, too, is being embraced as an indispensable business tool. However, as social media is organically adopted for a growing array of uses, are its security challenges receiving the necessary scrutiny? This white paper examines the transformative business effects of this technology, explores its evolution and presents ways businesses can realize its full benefits while avoiding potentially serious pitfalls.




A Sophos white paper       June 2010
A Sophos white paper      Social media in the enterprise: Great opportunities, great security risks




Social media arrives as an enterprise tool

Initially, social media use within enterprises was seen as a distraction, a timewaster and a business drain as employees used work PCs and business time to update their personal Facebook accounts and stay up to date with their peers’ activities. Over time, some organizations became concerned about the loss of productivity; and because of this threat, some even started blocking social networking sites.

For others, simply imposing a blanket block was impractical. These organizations understood that banning these sites could pose a greater risk as some users would find ways to circumvent the ban to access these applications. These organizations also see value in social media sites and use them for quick updates among work groups, with tags and postings effectively replacing the traditional, more formal corporate communications infrastructure. Many enterprises are aggressively driving this shift to bring velocity and openness to communications, and many organizations are adopting it.

Salesforce.com has pulled Facebook profiles into its CRM offerings. LinkedIn has been plugged into Lotus Notes, providing direct integration with email. Twitter is broadly integrated into a variety of dashboards commonly used in the enterprise. Facebook alone boasts more than 700,000 business accounts. The web app/thick app mashups (combining two or more applications together to create a new derivative) have begun, and with them comes a whole new world of opportunity and an interesting challenge in managing security. However, with such large and widely used applications starting this integration, enterprise use is bound to accelerate further.

Securing enterprise social media

Given its origins, enterprise users might have concerns about security when deploying social media. According to a Sophos survey conducted in December 2009, 60% of respondents believe that Facebook presents the biggest security risk of the social networking sites, significantly ahead of MySpace, Twitter and LinkedIn.

This survey also cited a 70% rise in the proportion of firms that report encountering spam and malware attacks via social networks during 2009. More than half of all companies surveyed said they had received spam via social networking sites, and over a third said they had received malware.

[Chart: firms reporting being spammed, phished or sent malware via social networking sites, April 2009 vs. December 2009. Spammed: 33.4% vs. 57%. Phished: 21% vs. 30%. Sent malware: 21.2% vs. 36%.]
Furthermore, more than 72% of firms believe that employees’ behavior on social networking sites could endanger their business’s security—an increase from 66% in the previous study. The number of businesses that were targets for spam, phishing and malware via social networking sites increased dramatically, with spam showing the sharpest rise from 33.4% in April to 57% in December (Source: Sophos Security Threat Report: 2010).

This shows that malware authors and hackers go wherever there is a captive audience. It is the real-time, rich nature of these applications that attracts individuals, enterprises and hackers. As with other online activities, malware and hacking on social media sites raise the risks of social engineering—getting users to run a program they should not, participate in a fake scheme or provide personally identifiable information. Social media platforms are by their very nature a target for malicious activity; they provide direct access to victims in a rich, relatively open environment.

Because of this, social media providers and users must be vigilant about security as they work to make it a sustainable and useful tool:

1. Familiarize yourself with your organization’s social media policy so you don’t inadvertently break the rules.

2. Choose sensible, strong, hard-to-guess passwords. Use at least 14 characters and mix in upper- and lowercase letters, numbers and symbols.

3. Social networking sites are, by design, dependent on a large number of users. Always review default settings and avoid providing personal information such as your date of birth, mobile numbers and travel plans whenever possible.

4. Do not post images, pictures or information that might embarrass you, your company or your customers.

5. Avoid treating social networking sites as personal diaries. Assume that everyone including your boss, your family, your friends and your enemies can read whatever you post.

6. Malware authors, spammers and phishers are increasingly active on social networking sites, and their methods are not always obvious. Be sure to visit these sites from a fully protected computer or device.

7. Never click on links just because you know the sender; malware will infect a user and then automatically fire itself out under their name to all their contacts.

8. Be wary of spammers trying to connect with you by sending invitations. If you don’t know the sender, the best thing to do is ignore the request.
Social networks need to be more proactive regarding security to ensure users are safe and are not misusing functionality. They should:

1. Regularly and diligently scan links, content and messages that are shared between users. Doing so will help determine if they are, for example, spam, malware or a phishing scam.

2. Educate users about the attacks that can happen online, and provide security awareness pages that help alert users to the latest threats.

3. Enforce the use of sensible non-dictionary passwords.

4. Block repeated attempts to guess passwords by increasing delay time. Doing so will prevent brute-force attacks against passwords.

Future social media capabilities to proliferate use

Social media also is transforming common business functions, including:

• Authentication: Today’s social media platforms feature data and application controls, which users should follow to ensure appropriate security. In a world where services are increasingly accessible via standard APIs, permissions and authentication should be a critical requirement, but at this point they are not.

• Identity: Identity is often considered to be synonymous with authentication—but identity is more than just a username and password. Many social media sites share this personal identifying information with the entire social networking community.

• Contacts: No longer just an address book in your PC or a few saved numbers on a phone, this is now a portable list of everyone you regularly communicate with, organized according to the various business groups you belong to. It’s similar to how you may group your list of friends by common interests, activities or locations.

• Activities: Activities are similar to your personal interests, but with more of a business slant. These include your preferred information sources, whom you contact regularly and what you read.

Standards for sharing contacts, activities and other data types are currently in development. Although this holds promise for improved applications control, it also challenges organizations to develop a business model that affords users the ability to use these sites while protecting their personally identifiable information. So the question remains, how do organizations create these models?

The industry has done a great deal of work in this area, and more is needed to deliver consistent, trustworthy enterprise use. Enterprise security policies and global data protection policies should be reviewed, refreshed and monitored consistently to keep pace with evolving technology. Social media providers must make education a priority and keep users up to date on the potential risks associated with social networking use. Most importantly, a set of standards and tools must be developed to help rein in potential threats and keep social networking users out of harm’s way.
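An added example, not part of the Sophos paper: one way a provider could implement recommendations 3 and 4 from the provider list above (non-dictionary passwords, increasing delay after failed guesses), checking passwords against the 14-character, mixed-character rule from the user guidance. The word list, account name, delay values and all function and class names are assumptions chosen for illustration.

```python
import string
import time

MIN_LENGTH = 14  # the paper's user guidance: "at least 14 characters"

# Constructed sample word list (assumption). A real deployment would load a
# full dictionary plus a list of commonly used passwords.
SAMPLE_DICTIONARY = {"password", "sunshine", "administrator", "facebook"}

CHARACTER_CLASSES = {
    "uppercase letter": string.ascii_uppercase,
    "lowercase letter": string.ascii_lowercase,
    "number": string.digits,
    "symbol": string.punctuation,
}


def password_problems(password, dictionary=SAMPLE_DICTIONARY):
    """Return the list of policy violations; an empty list means acceptable."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("shorter than %d characters" % MIN_LENGTH)
    for name, alphabet in CHARACTER_CLASSES.items():
        if not any(ch in alphabet for ch in password):
            problems.append("no " + name)
    # Strip digits and symbols before the lookup, so a dictionary word with
    # decoration ("Administrator2010!") is still recognised.
    letters_only = "".join(ch for ch in password.lower() if ch.isalpha())
    if letters_only in dictionary:
        problems.append("based on a dictionary word")
    return problems


class LoginThrottle:
    """Per-account delay that doubles after each failed login, up to a cap."""

    def __init__(self, base_delay=1.0, max_delay=900.0, clock=time.monotonic):
        self.base_delay = base_delay  # seconds; must be greater than zero
        self.max_delay = max_delay    # cap, so a user is never locked out for good
        self.clock = clock            # injectable so the logic can be tested
        self._state = {}              # account -> (failures, earliest next attempt)

    def seconds_to_wait(self, account):
        _, not_before = self._state.get(account, (0, 0.0))
        return max(0.0, not_before - self.clock())

    def attempt(self, account, verify):
        """Handle one login attempt; returns 'throttled', 'ok' or 'failed'.

        verify is a zero-argument callable that checks the submitted password.
        It is not called while the account is inside its delay window, so
        guesses made during the delay are never evaluated.
        """
        if self.seconds_to_wait(account) > 0:
            return "throttled"
        if verify():
            self._state.pop(account, None)  # success resets the counter
            return "ok"
        failures = self._state.get(account, (0, 0.0))[0] + 1
        delay = min(self.base_delay * 2 ** (failures - 1), self.max_delay)
        self._state[account] = (failures, self.clock() + delay)
        return "failed"


def guesses_evaluated(window_seconds, base_delay=1.0, max_delay=900.0):
    """Constructed simulation with a fake clock: how many wrong guesses get
    evaluated within the window if a client retries the moment it is allowed."""
    now = [0.0]
    throttle = LoginThrottle(base_delay, max_delay, clock=lambda: now[0])
    checked = []
    while now[0] < window_seconds:
        throttle.attempt("alice", lambda: checked.append(1) or False)
        now[0] += throttle.seconds_to_wait("alice")
    return len(checked)


if __name__ == "__main__":
    for candidate in ("Summer10", "Administrator2010!", "tR4m-Oyster-kiln-92"):
        print(candidate, "->", password_problems(candidate) or "acceptable")
    print("guesses evaluated in one hour:", guesses_evaluated(3600))
```

With these assumed defaults the simulation evaluates 13 guesses in an hour, because the delay reaches its 900-second cap after the eleventh failure.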
At Sophos, we’ve focused on the importance of simplicity and enablement. Although an invisible security product sounds unusual, it is consistent with our goal of avoiding user disruption. As for social media, the benefits are there, enterprises are willing—and someone needs to take a visible stance. Even more fundamentally, we all need to explore the vast implications of flexibility versus security in our hugely connected world.

Conclusion

Social media is evolving at breakneck speed. There are huge benefits to be realized from the use of these technologies in the enterprise, such as enabling better collaboration and networking than ever before. These technologies will result in greater connectivity, greater integration and greater value through collaboration.

Enterprises should expect strong integration of social media in their environments, both as a tool to talk to the world and through direct integration with corporate applications. Consumerization could drive such technology in the enterprise organically, without recognition by the security staff. Planning for such integration and being ready to manage the process of adoption with risk management is critical. The most significant risk is usually the unplanned, mass-adopted behavior or technology change.




                Boston, USA | Oxford, UK
                © Copyright 2010. Sophos.


                 All registered trademarks and copyrights are understood and recognized by Sophos.
                 No part of this publication may be reproduced, stored in a retrieval system, or transmitted by any
                 form or by any means without the prior written permission of the publishers.

Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 

Sophos social-media-wpna

  • 1. Social media in the enterprise: Great opportunities, great security risks Just as consumerization drove the iPhone’s rapid growth from a consumer device to an enterprise business tool, social media, too, is being embraced as an indispensable business tool. However, as social media is organically adopted for a growing array of uses, are its security challenges receiving the necessary scrutiny? This white paper examines the transformative business effects of this technology, explores its evolution and presents ways businesses can realize its full benefits while avoiding potentially serious pitfalls. A Sophos white paper June 2010
  • 2. Social media in the enterprise: Great opportunities, great security risks

    Social media arrives as an enterprise tool

    Initially, social media use within enterprises was seen as a distraction, a timewaster and a business drain as employees used work PCs and business time to update their personal Facebook accounts and stay up to date with their peers’ activities. Over time, some organizations became concerned about the loss of productivity; and because of this threat, some even started blocking social networking sites.

    For others, simply imposing a blanket block was impractical. These organizations understood that banning these sites could pose a greater risk as some users would find ways to circumvent the ban to access these applications. These organizations also see value in social media sites and use it for quick updates among work groups, with tags and postings effectively replacing the traditional, more formal corporate communications infrastructure. Many enterprises are aggressively driving this shift to bring velocity and openness to communications, and many organizations are adopting it.

    Salesforce.com has pulled Facebook profiles into its CRM offerings. LinkedIn has been plugged into Lotus Notes, providing direct integration with email. Twitter is broadly integrated into a variety of dashboards commonly used in the enterprise. Facebook alone boasts more than 700,000 business accounts. The web app/thick app mashups (combining two or more applications together to create a new derivative) have begun, and with them comes a whole new world of opportunity and an interesting challenge in managing security. However, with such large and widely used applications starting this integration, enterprise use is bound to accelerate further.

    Securing enterprise social media

    Given its origins, enterprise users might have concerns about security when deploying social media. According to a Sophos survey conducted in December 2009, 60% of respondents believe that Facebook presents the biggest security risk of the social networking sites, significantly ahead of MySpace, Twitter and LinkedIn.

    This survey also cited a 70% rise in the proportion of firms that report encountering spam and malware attacks via social networks during 2009. More than half of all companies surveyed said they had received spam via social networking sites, and over a third said they had received malware.

    [Chart, Apr 2009 vs. Dec 2009: Spammed? 33.4% / 57%; Phished? 21% / 30%; Send malware? 21.2% / 36%]
  • 3. Furthermore, more than 72% of firms believe that employees’ behavior on social networking sites could endanger their business’s security—an increase from 66% in the previous study. The number of businesses that were targets for spam, phishing and malware via social networking sites increased dramatically, with spam showing the sharpest rise from 33.4% in April to 57% in December (Source: Sophos Security Threat Report: 2010).

    This shows that malware authors and hackers go wherever there is a captive audience. It is the real-time, rich nature of these applications that attracts individuals, enterprises and hackers. As with other online activities, malware and hacking on social media sites raise the risks of social engineering—getting users to run a program they should not, participate in a fake scheme or provide personally identifiable information. Social media platforms are by their very nature a target for malicious activity; they provide direct access to victims in a rich, relatively open environment.

    Because of this, social media providers and users must be vigilant about security as they work to make it a sustainable and useful tool:

    1. Familiarize yourself with your organization’s social media policy so you don’t inadvertently break the rules.

    2. Choose sensible, strong, hard-to-guess passwords. Use at least 14 characters and mix in upper- and lowercase letters, numbers and symbols.

    3. Social networking sites are, by design, dependent on a large number of users. Always review default settings and avoid providing personal information such as your date of birth, mobile numbers and travel plans whenever possible.

    4. Do not post images, pictures or information that might embarrass you, your company or your customers.

    5. Avoid treating social networking sites as personal diaries. Assume that everyone including your boss, your family, your friends and your enemies can read whatever you post.

    6. Malware authors, spammers and phishers are increasingly active on social networking sites, and their methods are not always obvious. Be sure to visit these sites from a fully protected computer or device.

    7. Never click on links just because you know the sender; malware will infect a user and then automatically fire itself out under their name to all their contacts.

    8. Be wary of spammers trying to connect with you by sending invitations. If you don’t know the sender, the best thing to do is ignore the request.
  • 4. Social networks need to be more proactive regarding security to ensure users are safe and are not misusing functionality. They should:

    1. Regularly and diligently scan links, content and messages that are shared between users. Doing so will help determine if they are, for example, spam, malware or a phishing scam.

    2. Educate users about the attacks that can happen online, and provide security awareness pages that help alert users to the latest threats.

    3. Enforce the use of sensible non-dictionary passwords.

    4. Block repeated attempts to guess passwords by increasing delay time. Doing so will prevent brute-force attacks against passwords.

    Future social media capabilities to proliferate use

    Social media also is transforming common business functions, including:

      • Authentication: Today’s social media platforms feature data and application controls, which users should follow to ensure appropriate security. In a world where services are increasingly accessible via standard APIs, permissions and authentication should be a critical requirement, but at this point they are not.

      • Identity: Identity is often considered to be synonymous with authentication—but identity is more than just a username and password. Many social media sites share this personal identifying information with the entire social networking community.

      • Contacts: No longer just an address book in your PC or a few saved numbers on a phone, this is now a portable list of everyone you regularly communicate with, organized according to the various business groups you belong to. It’s similar to how you may group your list of friends by common interests, activities or locations.

      • Activities: Activities are similar to your personal interests, but with more of a business slant. These include your preferred information sources, whom you contact regularly and what you read.

    Standards for sharing contacts, activities and other data types are currently in development. Although this holds promise for improved applications control, it also challenges organizations to develop a business model that affords users the ability to use these sites while protecting their personally identifiable information. So the question remains, how do organizations create these models?

    The industry has done a great deal of work in this area, and more is needed to deliver consistent, trustworthy enterprise use. Enterprise security policies and global data protection policies should be reviewed, refreshed and monitored consistently to keep pace with evolving technology. Social media providers must make education a priority and keep users up to date on the potential risks associated with social networking use. Most importantly, a set of standards and tools must be developed to help rein in potential threats and keep social networking users out of harm’s way.
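The white paper's recommendations to social networks on passwords (enforce non-dictionary passwords; block repeated guesses by increasing the delay time), combined with its 14-character guidance to users, sketched as an added Python example that is not part of the Sophos paper. The word list, base delay and delay cap are assumptions, and the sample values are constructed.

```python
import string

# Constructed sample list; a real service would load a large dictionary of
# common and breached passwords. (Assumption, not from the white paper.)
DICTIONARY = {"password", "letmein", "qwerty", "facebook", "sunshine"}
MIN_LENGTH = 14     # the white paper's "at least 14 characters"
BASE_DELAY = 1.0    # seconds after the first failure (assumed value)
MAX_DELAY = 900.0   # upper bound on the delay (assumed value)
CLASSES = {
    "uppercase letter": string.ascii_uppercase,
    "lowercase letter": string.ascii_lowercase,
    "number": string.digits,
    "symbol": string.punctuation,
}


def password_problems(password):
    """Return the policy rules a candidate password breaks (empty = accepted)."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("shorter than 14 characters")
    for name, chars in CLASSES.items():
        if not any(c in chars for c in password):
            problems.append("no " + name)
    if any(word in password.lower() for word in DICTIONARY):
        problems.append("contains a dictionary word")
    return problems


class LoginThrottle:
    """Per-account throttle: the enforced wait doubles with every failure."""

    def __init__(self):
        self._state = {}  # account -> (failure count, time next try is allowed)

    def wait_required(self, account, now):
        """Seconds the account must still wait at time `now`."""
        return max(0.0, self._state.get(account, (0, 0.0))[1] - now)

    def attempt(self, account, password_ok, now):
        """Record a login attempt; return 'throttled', 'ok' or 'failed'."""
        if self.wait_required(account, now) > 0:
            return "throttled"  # rejected before the password is even checked
        if password_ok:
            self._state.pop(account, None)  # success resets the counter
            return "ok"
        failures = self._state.get(account, (0, 0.0))[0] + 1
        # 1 s, 2 s, 4 s, ... capped; the exponent is bounded to avoid overflow.
        delay = min(BASE_DELAY * 2 ** min(failures - 1, 30), MAX_DELAY)
        self._state[account] = (failures, now + delay)
        return "failed"
```

Throttling per account alone lets anyone delay a known user's login by guessing against it, so deployments usually pair it with per-source limits.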
  • 5. At Sophos, we’ve focused on the importance of simplicity and enablement. Although an invisible security product sounds unusual, it is consistent with our goal of avoiding user disruption. As for social media, the benefits are there, enterprises are willing—and someone needs to take a visible stance. Even more fundamentally, we all need to explore the vast implications of flexibility versus security in our hugely connected world.

    Conclusion

    Social media is evolving at breakneck speed. There are huge benefits to be realized from the use of these technologies in the enterprise, such as enabling better collaboration and networking than ever before. These technologies will result in greater connectivity, greater integration and greater value through collaboration.

    Enterprises should expect strong integration of social media in their environments, both as a tool to talk to the world and through direct integration with corporate applications. Consumerization could drive such technology in the enterprise organically, without recognition by the security staff. Planning for such integration and being ready to manage the process of adoption with risk management is critical. The most significant risk is usually the unplanned, mass-adopted behavior or technology change.
  • 6. Boston, USA | Oxford, UK

    © Copyright 2010. Sophos. All registered trademarks and copyrights are understood and recognized by Sophos. No part of this publication may be reproduced, stored in a retrieval system, or transmitted by any form or by any means without the prior written permission of the publishers.