Channel partners such as VARs, resellers and integrators can assist their customers in developing defensive strategies, and recommending and selling equipment to aid in defense. In this tip, we'll explore how you can help your customers address social networking security risks.Friendships created via social networks can be exploited to extract information or introduce malware.
New social networking security risks and vulnerabilities
Confidential information can be inadvertently revealed in an email, but emails are typically addressed to a few individuals. Social networking sites are open to a much wider audience.
Consider the following scenario: An executive of a small publicly traded software company intends to inform his friends that he'll be away for a business trip to Redmond, Washington. An email would be seen by only a few friends, but by posting that information on Facebook, he potentially tips off anyone who monitors his page and has been watching for the possibility of an acquisition.
Friendships created via social networks can be exploited to extract information or introduce malware. No one would reveal to a stranger via email whether his or her employer is likely to report a good quarter. But it's easy to imagine telling a supposed friend, "I'm really busy at work these days because sales are great."
The same types of malware spread through social network sites as through other types of websites or email, but a new type of malware may spread more rapidly via a social network site. For example, an infected video clip on YouTube or Facebook that has "gone viral" may be viewed by tens of thousands in a single day, long before antimalware software vendors can develop and distribute a defense.
Opportunities for channel partners
Network managers are divided over whether employees should be allowed to access social networks from within the enterprise network. Channel partners can assist their clients in understanding the advantages and disadvantages of each choice. For those who decide to block access, channel partners can assist in designing a solution and selecting equipment appropriate to each client's needs.
Firewall vendors such as Barracuda Networks Inc. and Check Point Technologies Inc. include features designed to detect and block network traffic from social network sites. Barracuda's Web Filter allows access rights to be tailored by specific application so, for example, employees could be granted access to LinkedIn but not Facebook. Access can also be tailored to specific teams within an organization. A human resources group, for example, can be allowed access to job search sites, while a marketing team can be the sole group given responsibility for managing the organization's Facebook page.
Check Point's Application Control Software Blade identifies traffic based on Check Point's AppWiki listing of more than 4,500 individual applications. Network managers can select which applications to allow and which to block from the AppWiki listing.
Check Point also includes the UserCheck feature, which can be configured to query an employee attempting about whether the application they are trying to access is being used for business or personal use. UserCheck can also respond by informing employees about their access rights and company network-use policy. The feature offers a valuable way to allow legitimate use of social networking while reminding employees that their access is being monitored.
Smartphones provide access to social networks
Simply blocking the enterprise network to social network traffic is not sufficient. Employees can still access these sites via either company provided smartphones or their personal phones.
Channel partners should work with their clients to develop and maintain a process to install antimalware software on all company-supplied phones. Software packages are available for all common types of smartphones from vendors such as Kaspersky Lab Inc., McAfee Inc. and Trend Micro Inc.
Employee-owned smartphones present a more difficult challenge. Employees should be made aware that their phones are as vulnerable as their personal computers and that antimalware software should be kept up to date on both. Channel partners may be able to offer assistance by making antimalware software available to employees at a reduced price based on a larger quantity purchase.
The issues that apply to smartphones also apply to remote access from both company- supplied laptops and employee-owned computers. The same solutions apply. Ensure antimalware software is up to date on company-owned computers and urge employees to do the same with their personal systems.
Educate employees about social networking security risks
No matter whether or not your client blocks access to social networking sites and whether employees carry company-supplied smartphones or laptops, education is key. A technical product alone will not prevent the disclosure of confidential information or employees from falling for a scam due to accessing a social network site.
Channel partners can assist by working with clients to create training programs to teach employees at all levels within the company to identify scams. Also educate employees about the hidden dangers of social networking postings that do not outwardly appear to reveal confidential information.
These challenges offer a tremendous opportunity for channel partners whose clients cannot allocate the time to stay up to date on the latest popular sites, types of malware and latest threats. Channel partners can help by monitoring reporting services, updating clients on the latest dangers, and informing them about the latest software tools.
About the author:
David B. Jacobs of The Jacobs Group has more than twenty years of networking industry experience. He has managed leading-edge software development projects and consulted to Fortune 500 companies as well as software start-ups.
This was first published in September 2010