Can you control and audit social networking, instant messaging, Skype, BlackBerry PIN and Web2.0 applications - really, can you?
Social networks such as Facebook, Twitter and LinkedIn are fast becoming the order of the day. These applications are being used by individuals and companies alike.
Individuals keep in touch with one another and companies have discovered a very effective and efficient way of gaining new customers, keeping in touch with existing ones and getting in touch with old ones.
The challenge is how do you manage both requirements in the workplace without compromising company data, impinging on the business benefits and at the same time giving responsible staff reasonable access?
“In most boardrooms, the response to any social networking problem is to simply block all access,” said Sean Glansbeek, Director of Seven Days Technologies. This is easier said than done, as there are numerous ways around this.
The real solution is to manage these applications and exploit them where you can.
“It would be a very different boardroom conversation if customers knew they have complete control over social networking and IM conversations, and all the data that gets passed through,” explains Sean Glansbeek.
Here are some examples and controls one can achieve:
Companies can now safely let their employees use Facebook, LinkedIn, and Twitter and still meet stringent compliance and regulatory requirements:
* Manage access to and use of applications within social networking sites like Facebook, according to established acceptable use policies
* Lower the risks from inbound threats and outbound data leakage
* Meet employee needs without impacting productivity or security
* Maintain regulatory compliance through logging and archival
* Moderate content posted to Facebook, LinkedIn and Twitter
* Log and archive all content posted to Facebook, LinkedIn and Twitter
* Granular feature controls for Facebook, LinkedIn and Twitter
* Keep protection on track with dynamic updates of new social networking sites and applications hosted by those sites
* Benefit from a single point for enablement, access management, security and control for Web and real-time channels
* Protect investment in security today by providing a platform on which future Web-borne threat prevention can be built
The next question is can one achieve similar controls for Skype, public IM and BlackBerry PIN?
* Authorise Skype and public IM (PIM) usage and block all other users
* Map Skype/PIM buddy names to employees
* Control whether VOIP and video can be used
* Log and archive IM messages sent
* Apply IM disclaimer messages to educate users and meet legal, audit and regulatory requirements
* Prevent data leakage with granular IM content filtering and file transfer blocking
* Additional application specific features are available for Skype, public IM and BlackBerry usage.
Another challenge is that most of these applications have an SSL connection or are XML driven sites, which can result in malware being downloaded into the company network. Most companies have no way of intercepting this type of data and being able to inspect for viruses, Trojans and malicious code. So once again the standard answer to this problem is the same: “Block all access.” But what if one could intercept this traffic and inspect for these bad entities? That would again make for a different discussion.
Share