By Nigel Hawthorn, VP Marketing, EMEA Blue Coat Systems, www.bluecoat.com
Social networking is fundamentally shifting the way we interact and communicate. Growing rapidly, companies large and small can no longer ignore or try to block social networking in their environment. Customers, partners and employees alike expect to engage with you via social media to stay connected, gather feedback, recruit, and collaborate. As a result, you need to support social media in your environment.
Social Networking Risks
All the things that make social media so attractive to users pose significant risks to your business. The following are the top four risks you face when you use social networking:
1. Malware: social media users are spending more than 700 billion minutes per month on Facebook alone, making social networking sites and their users’ ideal malware targets. According to Sophos, 40% of users were infected by malware from social networking sites. Typical attacks try to trick users into giving up information that can be exploited for financial gain. Some examples of malware in social media are:
Phishing: Attackers pose as one of your legitimate social networking connections and try to lure you into providing sensitive information, such as your login credentials. They prey on the tendency of most people to use the same passwords for all their accounts, hoping that by tricking you into giving one username and password they can get access to more profitable online accounts.
Click-jacking: Attackers lure you into clicking on a link, perhaps posting it on your wall and then spamming your friends to “check it out.” When someone clicks on the link they unwittingly install malware that can be used to steal information or take control over their computer. Clickjacking uses the dynamic nature of social networking and a willingness to click on links from those you know, and even those you don’t, to quickly reach a large audience.
2. Data Loss: Social networking is about making connections and sharing experiences and information, however, sometimes that information is not meant to be made public. It’s not uncommon for people to inadvertently post confidential information that provides “insider knowledge.” These actions, though unintentional, can potentially violate industry specific regulations, impact your reputation, or put you at a competitive disadvantage.
3. Bandwidth Consumption: As much as 40% of employees report that they are on social networking sites at work, creating a potential strain on bandwidth to the detriment of other business applications. Last year, when the U.S. government mandated open access to social networks, traffic on the network increased by 25%. Video alone can overwhelm many networks. A single video stream usually consumes between 500k to 1.2 Mbps (and that’s not even HD), and when you have tens or hundreds of people accessing videos it’s easy to see how overall performance can degrade.
4. Productivity Loss: Social networking sites are becoming online destinations, enabling you to post and read messages, upload or check out videos, and play games making them increasingly convenient and engaging for users. When unchecked, the time spent on social networking sites can affect productivity, as your employees spend more time playing during business hours.
New Requirements to Keep Your Business Safe
While you find yourself compelled to allow social media, you do not need to expose your business to undue risk. There are ways to protect against the risks posed by social networking. Specifically, your solution needs to provide:
-> A Real-Time Web Defence — your solution needs to analyse your web traffic and uncover threats that may be hidden there. Real-time analysis of dynamically changing links provides risk analysis and timely protection to keep social media safe.
-> Selective Social Networking Controls — to protect against data loss and comply with industry-specific regulations, you need to be able to manage the actions your employees can take within social networking sites. You may want to prevent employees from uploading attachments, photos or video to social media sites. The key is to have granular control over what can be done within social networking. This requires a solution that not only looks at where the initial traffic is coming from but also at what is being done within that application.
-> Caching — you can’t allow social media to overrun your network and adversely impact business critical applications. What you can do is offset any potential performance degradation with caching, which allows you to locally store data and video files after an initial download and make them readily available to users.
-> Policy Flexibility — to manage productivity, you need to set acceptable use policies. You may choose to block access to gaming or social networking during work hours; or you may want to give it a lower priority, so it doesn’t impact business critical applications. With a flexible policy framework, you can prioritize and manage the activities that are allowed or disallowed.