Infosec: Workplace Facebook bans are a waste of time

Web security vendor Barracuda Networks claims banning staff from using social networking sites still exposes firms to risks.

Like sign

IT departments that try to ban employees from accessing social networking sites for security reasons are fighting a losing battle, claims security vendor Barracuda Networks.

Speaking to IT Pro at Infosecurity Europe, the firm's chief research officer, Dr. Paul Judge, said most end users find a way round blanket bans on Facebook and Twitter use in the workplace.

Your average company's website is just sat out on the internet with nothing protecting it

And, with newer sites such as Pinterest and Instagram emerging and growing in popularity, it is an evolving situation that is hard for IT departments to keep tabs on.

"If you look at the time people spend online, the biggest time drain is social networks. So, if you're an attacker trying to get in front of more eyeballs, it's the place to be," said Judge.

"[These attackers] are making millions of fake accounts to interact with legitimate people and, potentially, your company's employees are exposing you to risk."

However, rather than stop people using them completely, there are steps companies can take to mitigate these risks.

"A lot of companies try to tell people they can't use Facebook or Twitter, but it is easier to let them access the sites in a controlled way," he explained.

"For instance, they can use application control rules or policies to protect themselves against malware, viruses and data loss by controlling the amount of risk social networks expose them to."

He said businesses should make use of "read-only web" tools, which allow employees to visit sites, but prohibits them from downloading and uploading content.

"You can compromise in other ways by letting employees access Facebook, but use tools that stop them from accessing user profiles and limits access to company-related pages," he added.

"There are tools that scan Facebook and Twitter profiles, looking for suspicious content, malware and spam, which gives employees access to a wider range of pages in a controlled way."

Aside from social networking sites, he claimed businesses are also leaving themselves open to attack by failing to secure their corporate sites properly.

"Large financial institutions have been doing [a great job of this] for years, but your average company's website is just sat out on the internet with nothing protecting it," he claimed.

"It is changing. The Anonymous era has increased awareness of network and website breaches and increasingly the board is saying to the IT department, how can we stop that happening to us?"

Featured Resources

Security analytics for your multi-cloud deployments

IBM Security QRadar SIEM solution brief

Download now

Five reasons to move to the cloud

Join the enterprises moving their workloads to the cloud

Download now

Architecting hybrid IT and edge for digital advantage

Why business leaders should consider a hybrid IT strategy

Download now

Six reasons to accelerate remote asset monitoring with AI

How to optimise resources, increase productivity, and grow profit margins with AI

Download now

Recommended

Lazarus APT hacking group is targeting the defense industry
Security

Lazarus APT hacking group is targeting the defense industry

26 Feb 2021
Microsoft open sources CodeQL queries used in Solorigate inquiry
Security

Microsoft open sources CodeQL queries used in Solorigate inquiry

26 Feb 2021
CISA warns of ongoing Accellion File Transfer Appliance attacks
hacking

CISA warns of ongoing Accellion File Transfer Appliance attacks

25 Feb 2021
What is a Trojan?
Security

What is a Trojan?

25 Feb 2021

Most Popular

How to build a CMS with React and Google Sheets
content management system (CMS)

How to build a CMS with React and Google Sheets

24 Feb 2021
Npower shuts down app after hackers steal user data
hacking

Npower shuts down app after hackers steal user data

25 Feb 2021
New monitors for an agile new normal
Sponsored

New monitors for an agile new normal

19 Feb 2021