Social media sites like Facebook, Twitter and YouTube have become a mixed blessing for companies. On one hand, they provide very attractive and low-cost outlets for the company’s marketing messages. On the other hand, their popularity with employees presents both productivity and security challenges. The extent of the productivity loss due to employees spending time on social media sites for personal rather than business reasons is hard to quantify. It might make sense for a marketing manager to spend time on social media sites, but if an engineering manager spent the same amount of time on Facebook and YouTube it might be a cause for concern. Without the tools to track how much time different users and classes of users are spending on social media sites, it is very difficult to identify potential abuses.
From a security perspective, the popularity of social media, along with people’s tendency to share too much information, presents problems. I am always amazed at the information people offer in various forums, Facebook and Twitter accounts. It has become so easy and so interactive that people seem to forget that they are talking to a huge audience, some of whom undoubtedly have less than benign motives. I recently saw a network manager on a LinkedIn group ask for advice on optimizing his firewall rules. He actually posted his network diagram, his firewall configuration and the firewall rules. He would never have given this information to a stranger at the corner coffee shop, but he published it to a much larger and potentially more dangerous audience, apparently without a thought.
In addition to the problem of employees sharing too much information, social media sites are increasingly being used to distribute malware. As the number of people using social media continues to grow, scammers and malware producers are increasingly targeting this user base. McAfee Labs included the specific problem of URL shortening among its threat predictions for 2011: “Of the social media sites that will be most riddled with cybercriminal activity, McAfee Labs expects those with URL-shortening services will be at the forefront. The use of abbreviated URLs on sites like Twitter makes it easy for cybercriminals to mask and direct users to malicious websites. With more than 3,000 shortened URLs per minute being generated, McAfee Labs expects to see a growing number used for spam, scamming and other malicious purposes.” (2)
The first step to controlling the use of social media is to have the right set of tools and a well-defined acceptable use policy. The tools need to be able to monitor the usage of social media from within the network and identify which users are accessing which social media services, determine the volume and pattern of usage, and inspect and alert on the content being transmitted to those services. Social media usage should also be correlated against other network and log activity within the enterprise; for example, the transmission of data to a social media site immediately following the user accessing a sensitive internal resource should at minimum raise an alert.
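The correlation described above, sketched as an added example that is not from the original article: it flags a sizeable upload to a social media site when the same user touched a sensitive internal resource shortly before. The log layouts, user names, paths, the 10-minute window and the 50,000-byte threshold are all constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample data; field layouts, names and thresholds are assumptions.
SOCIAL_DOMAINS = {"facebook.com", "twitter.com", "youtube.com", "linkedin.com"}
WINDOW = timedelta(minutes=10)      # assumed correlation window
MIN_UPLOAD_BYTES = 50_000           # assumed size that counts as "transmitting data"
SENSITIVE_PREFIXES = ("/finance/", "/engineering/")
# File-server log: timestamp user resource
FILE_ACCESS_LOG = """\
2011-01-12T09:58:10 jsmith /finance/q4-forecast.xlsx
2011-01-12T10:15:42 mlee /engineering/firewall-rules.txt
2011-01-12T11:30:00 akhan /public/cafeteria-menu.pdf
"""
# Web proxy log: timestamp user method host bytes_sent
PROXY_LOG = """\
2011-01-12T10:01:05 jsmith GET www.facebook.com 812
2011-01-12T10:19:30 mlee POST www.linkedin.com 184320
2011-01-12T11:32:00 akhan POST upload.youtube.com 9400000
2011-01-12T13:45:00 jsmith POST www.facebook.com 250000
"""

def is_social(host):
    # Match the domain itself or a subdomain, never a bare substring.
    return any(host == d or host.endswith("." + d) for d in SOCIAL_DOMAINS)

def sensitive_accesses(log):
    for line in log.splitlines():
        ts, user, path = line.split(maxsplit=2)
        if path.startswith(SENSITIVE_PREFIXES):
            yield datetime.fromisoformat(ts), user, path

def correlate(file_log, proxy_log):
    recent = {}                      # user -> [(access time, resource)]
    for ts, user, path in sensitive_accesses(file_log):
        recent.setdefault(user, []).append((ts, path))
    alerts = []
    for line in proxy_log.splitlines():
        ts, user, method, host, sent = line.split()
        ts = datetime.fromisoformat(ts)
        if method != "POST" or int(sent) < MIN_UPLOAD_BYTES or not is_social(host):
            continue                 # browsing or a small post, not an upload
        for acc_ts, path in recent.get(user, []):
            if timedelta(0) <= ts - acc_ts <= WINDOW:
                alerts.append((user, host, path, int((ts - acc_ts).total_seconds())))
    return alerts

if __name__ == "__main__":
    for alert in correlate(FILE_ACCESS_LOG, PROXY_LOG):
        print("ALERT user=%s host=%s after=%s delay=%ss" % alert)
```

Only the upload that follows a sensitive access within the window is reported; large uploads with no preceding sensitive access, and uploads hours later, pass without an alert, which keeps the signal tied to the sequence rather than to social media use in general.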
Social media will always be a mixed blessing for business, but with the right set of tools it doesn’t have to be a high-risk blessing.
(1) Sophos Security Threat Report 2011, p. 9.
(2) McAfee Labs Predicts Geolocation, Mobile Devices and Apple Will Top the List of Targets for Emerging Threats in 2011, 12/28/10, http://investor.mcafee.com/releasedetail.cfm?ReleaseID=538998