Has your company adopted a social media policy yet? Social Networking sites such as Facebook, Twitter, and MySpace are increasingly being considered threats for at least a couple big reasons: security risks and traffic risks.
Use of social medias at work can pose security risks to the company’s intellectual property through an employee’s personal communication habits. On occasion, attackers assume the identity of someone who hasn’t actually joined sites like facebook. Then the attacker determines who this person’s friends or schoolmates are and sends friend requests. Once befriended, the attacker has personal information of users and can make targeted attacks. Social engineering tactics like this can be very effective, especially when they get users to start sharing URLs leading to malicious sites or spoofs of actual businesses such as your local bank. In some countries, criminals are not banned from using sites like facebook when they are incarcerated, as The Washington Times recently reported.
Use of social medias at work can also pose network traffic problems for the company. These sites can cause excessive network traffic which isn’t all work related. Even if your company’s security routines are adequate for dealing with internet threats, there can still be a major impact on the network’s internet connection. With Scrutinizer NetFlow and sFlow analyzer, you can run reports for the top domains on a given connection(s). You can zoom into a specific time frame for a specific domain and can then specify a threshold for notifications. Just don’t be surprised if you run the Top Domains report and see facebook at the top of the list.
For combating both security risks or network traffic strains, Scrutinizer has social network traffic monitoring covered.
By the way, if your router(s) or switch(s) don’t support NetFlow or IPFIX exports, consider investing in an nprobe which can be placed on a spanned port and can export flow data to the NetFlow collector.
It’s best to ensure that your company has well outlined corporate policies on the use of social networking sites. Measures should be taken to confirm that employees are aware of the potential security risks associated with these sites. But even with those policies in place, sometimes social media sites are accessed. Scrutinizer can help keep you protected.