| 1. | Keep PC, network protection and malware detection software up to date. Make sure firewall, web filtering, anti-virus and anti-spyware programs are up to date and providing sufficient protection. Windows, IE and Firefox updates also help to guard against browser attacks. |
| 2. | Make sure your AUP covers social networking. If you have a company profile, be explicit about what employees can and cannot post (which should include personal information about themselves, their colleagues and company email addresses) A strict policy on the separation of leisure and work based profiles is also important. (It is a very short hop from a company LinkedIn page to an individual Facebook profile, complete with drunken videos of your employees or their friends which could destroy your commercial credibility). |
| 3. | Block downloads. Employees should not be allowed to download anything without permission and executable files should always be treated with suspicion. |
| 4. | Don't assume some sites are safer than others. In some ways, LinkedIn is more dangerous than Facebook because it is more 'trusted' as a social network for professionals. Educate staff and inform them of the risks. If you have a company profile, police it carefully to make sure staff are not exposing anything they shouldn't be. |
| 5. | Keep an eye on your on-line presence. Make a point of regularly Googling your company name and the names of your key employees. Set up Google alerts so you can see if anything new pops up online. (note: only do alerts for employees with unusual names - if they're called John Smith it's a pretty pointless exercise). |
| 6. | Use staff dependence on social networks to your own advantage. Think creatively when it comes to punishing staff for misuse of social networking sites. Restricting or blocking access to Facebook for a month will make them think twice next time they abuse their access privileges and word of such sanctions on offending users should spread rapidly throughout the company. |
Control, Monitor and Protect
As social networking sites like Facebook grow in popularity, they also become popular targets for phishers and other cyber criminals. Worryingly, very few users understand how to protect themselves and one in four people registered on Social Networking sites are still exposing themselves to identity fraud. (Research by GetSafeOnline).
Guardian can help managers to carefully control and monitor the use of social networking sites in the workplace. Instead of implementing blanket bans, access to Facebook and similar sites can be restricted to lunchtimes, or privileged users. Web uploads (e.g. blog, twitter and facebook posts) can also be monitored using a keyword analysis system. Below is a list of tips for organizations on how to protect against social-networking related risks.
As social networking sites like Facebook grow in popularity, they also become popular targets for phishers and other cyber criminals. Worryingly, very few users understand how to protect themselves and one in four people registered on Social Networking sites are still exposing themselves to identity fraud. (Research by GetSafeOnline).
Guardian can help managers to carefully control and monitor the use of social networking sites in the workplace. Instead of implementing blanket bans, access to Facebook and similar sites can be restricted to lunchtimes, or privileged users. Web uploads (e.g. blog, twitter and facebook posts) can also be monitored using a keyword analysis system. Below is a list of tips for organizations on how to protect against social-networking related risks.
Be suspicious, trust nobody
Knowing how to protect yourself (or your network users) on Social Networking sites without disclosing identity information that could make you a target for phishers and other cyber criminals is a growing need.
Knowing how to protect yourself (or your network users) on Social Networking sites without disclosing identity information that could make you a target for phishers and other cyber criminals is a growing need.
| 1. | Be suspicious, trust nobody. Hackers can fake messages to make them look like they're from your friends. Be alert for clues such as strange links, unusually bad (or good!) grammar/spelling or things your friends wouldn't normally say or send. Invitations to join new networks can also be social engineering or phishing attacks in disguise. If in doubt, contact your friends first to check. |
| 2. | Don't post personal information online - anywhere. This should go without saying but people are still taking silly risks when it comes to identity fraud. Never ever publicly post your address, email or date of birth. Sites like LinkedIn are often assumed to be 'safer'. They are not - don't make the mistake of posting your entire resume or employment history, or details about your company or workplace that could be used for attacks. |
| 3. | Don't violate your company's AUP. Check what the company policy is and make sure you adhere to it. Don't use your work email address for networking sites and think twice before you post. Facebook-related firings are on the rise and the permanency of online posts can give employers an incriminating and easy-to follow digital paper trail. Never try to bypass web filtering controls - doing so leaves networks vulnerable to attacks, the consequences of which could lose you your job. |
| 4. | Beware of fake sites and profiles. Hackers can 'spoof' links to popular domains. Avoid compromising usernames and passwords by using bookmarks (or typing URLs in directly). Never click a link in a message or email invitation and remember that at least one in five Facebook profiles are fake. |
| 5. | Be careful with apps and widgets. 3rd party apps are not validated by Facebook or other sites and could do serious damage to your PC - and your online friendships. Some are designed to distribute adware, some to generate revenue, some to attack your friends and some to give miscreants access to your profile. If you use them, check their individual privacy policies carefully. |
| 6. | Don't install everything you're asked to. All downloads are potentially dangerous and executable files should always be treated with suspicion, particularly if they are purporting to be videos. Most videos share a few common formats so if you are prompted to download and install a codec or plugin first, it's probably a Trojan in disguise. |
| 7. | Check site policies and procedures carefully. Some will give your email address to companies that will send you spam and some will even scan your address book and spam your friends as well. Block cookies as most sites use them to track user preferences and habits. Make sure you know how to get things removed or report abuse - before you need to. |
| 8. | Use (but don't trust) privacy controls. The more you publicly reveal in posts and profiles, the more vulnerable you are to scams, spam and identity theft. Change search settings from 'everyone' to 'friends of friends' and untick the 'view my friends' option. Never assume that privacy means complete protection either - social networks don't offer any kind of guarantees regarding non-disclosure of your personal details. Assume everything is public and permanently recorded. Think twice before you post. |
| 9. | Don't sacrifice your safety for the sake of popularity. Social networks are about making and keeping in touch with friends - not popularity contests. No-one except you really cares how many friends you have. Don't accept friend requests from people you don't know or trust. |
| 10. | Passwords matter. Use a strong alphanumeric password and don't use the same one for registration and login so you can still verify your credentials if your account is compromised. |
Copyright © 1999-2013 by SAV25 Data Systems · All Rights reserved ·
Stay connected with SAV25