Security Management Strategies for the CIO
Email Alerts
-
Book chapter: Social media security policy best practices
The following is an excerpt from chapter 6 Gary Bahadur from the book Securing the clicks: Network security in the age of social media. Chapter Excerpt
-
Mitigating Web 2.0 threats
As companies look to cut costs, Software as a Service has gained ground in the enterprise. Similarly, social networking sites like Facebook and LinkedIn are must-haves in today's workplace. David Sherry reviews how to secure these services and defend... partOfGuideSeries
-
Quiz: Secure instant messaging
A five-question multiple choice quiz to test your understanding of the content presented in the Secure instant messaging lesson of SearchSecurity.com's Messaging Security School. Messaging Security School
-
Trusteer warns of new man-in-the-browser Twitter attack
The attack seeks to compromise a Twitter webpage via a man-in-the-browser attack. Trusteer warns it could be a harbinger of broader future attacks. News | 24 Apr 2013
-
UGNazi hacker group claims responsibility for Twitter outage
Hacktivist group UGNazi says it caused multiple Twitter outages Thursday. Update: Twitter says a "cascading bug" was to blame. News | 21 Jun 2012
-
LinkedIn investigating user account password breach
More than 6 million passwords may have been stolen from the servers of social network LinkedIn and posted to a Russian hacking forum. News | 06 Jun 2012
-
Ramnit malware data out-of-date, social network says
A Facebook spokesperson said the malware is not propagating on the social network. News | 09 Jan 2012
-
Web application risks exacerbated by social media ties, says ISACA
Asynchronous JavaScript Technology, XML, Flash and HTML 5 enable a rich Web experience, but also give attackers an alarming number of ways to penetrate corporate networks. News | 26 Oct 2011
-
Firms struggle to address social networking security risks, survey finds
Many firms rely on antivirus and antimalware technologies to address social networking risks, according to a survey by the Ponemon Institute. News | 03 Oct 2011
-
Phishing attacks target users of Facebook, other social networks
Cybercriminals are dumping the traditional email phishing campaigns for social networks, where it's easier to social engineer attacks and gain trust of users. Article | 08 Sep 2010
-
Gartner: Companies shouldn't bother banning Facebook, social networking
The research firm argues social networking isn't the responsibility of enterprise information security, but social media governance policies and monitoring practices are important. Article | 22 Jun 2010
-
Social networks, financial firms getting used in phishing, brand abuse
Social network names are increasingly being used by phishers and other attackers. But most sites fight back swiftly, according to MarkMonitor Inc. Article | 15 Mar 2010
-
Social networking risks, benefits for enterprises weighed by RSA panel
Social networking risks to enterprises may be outweighed by the benefits, but experts at the 2010 RSA Conference say infrastructure providers must improve security. Article | 10 Mar 2010
- See more News on Social media security risks and real-time communication security
-
Secure browsing: Free plug-in lessens social networking security risks
Looking for ways to improve employees' browsing security? Learn about the free SecureBrowsing plug-in from M86 Security that can lessen social networking security risks. Tip
-
How to implement and enforce a social networking security policy
For a new generation of employees entering the workforce, social networking isn't a luxury, it's a necessity. Yet not all enterprises understand that failing to consider social networking security can lead to unfortunate consequences. David Sherry ex... Tip
-
How to lock down instant messaging in the enterprise
The popularity of instant messaging programs in the enterprise creates a huge problem for companies concerned about data leakage and Web-based malware. In this tip, application security expert Michael Cobb offers several strategies enterprises can us... Tip
-
Social networking website threats manageable with good enterprise policy
Social networking sites may worry employers because of privacy concerns or loss of productivity, but some of the sites -- unbeknownst to their owners or creators -- harbor dangerous malware that can take down a network. Michael Cobb reviews the risks... Tip
-
Unified communications infrastructure threats and defense strategies
Unified communications systems promise exciting productivity gains for workers and cost savings for businesses, but many often underestimate the security threats facing them. John Burke outlines the threats facing unified communications and how to de... Tip
-
Latest IM attacks still rely on social engineering
In the age of email-borne superworms, email recipients would often become victims without any interaction or warning. However, as Michael Cobb explains, many of today's most dangerous instant messaging attacks require user interaction, meaning wary, ... Tip
-
Secure instant messaging in the enterprise
Instant messaging can be a conduit through which viruses come in to and sensitive data goes out of the corporate network. Enterprises need a thorough IM policy and the technical measures to back it up, regardless of whether IM is allowed or strictly ... Tip
-
Websense Enterprise 5.5
Learn why Information Security magazine believes this product is ideal for organizations who need an robust Internet filtering solution. Tip
-
How to block IM applications in the enterprise
In this tip, security guru Mike Chapple discusses how IM threatens the network and provides strategies you can use to keep your network free of IM traffic. Tip
-
How to reduce spim
Learn three tips for reducing unsolicited instant messages. Tip
- See more Tips on Social media security risks and real-time communication security
-
Gaging the security risk posed by the WordPress pingback vulnerability
Security expert Nick Lewis details the WordPress pingback vulnerability and advises whether it is time to update custom WordPress implementations. Answer
-
Avoiding pitfalls in social media compliance, security
Expert Mike Chapple offers regulatory compliance advice regarding the management of enterprise social media accounts. Answer
-
Safely using shortened URLs requires user education, technology
Expert Nick Lewis delves into the potential threat posed by shortened URLs and what enterprises can do to protect users from malicious short URLs. Answer
-
How to reassess privacy settings in wake of Facebook cloaking issues
Expert Nick Lewis discusses how Facebook cloaking exposed users' personal info and why it's important to control social media security settings. Answer
-
Assessing Pinterest security and defending against Pinterest spamming
Expert Nick Lewis discusses the state of Pinterest security and provides info on preventing Pinterest spamming and other social engineering attacks. Answer
-
Social networking best practices for preventing social network malware
Get advice on social networking security best practices that can help prevent data leaks and other social network malware that could harm to your enterprise. Ask the Expert
-
After Facebook attack, has the threat of clickjacking attacks increased?
Learn more about the recent Facebook attack, and how clickjacking attacks in general can affect enterprise information security in this expert response from Nick Lewis. Ask the Expert
-
What controls should be used to block social networking sites?
Find out what controls companies can use to block social networking sites. Ask the Expert
-
Manage access to social networking sites with an acceptable use policy
Social networking sites can cause security issues, but sites like Twitter and Facebook can also open up significant business opportunities. Learn how to manage employee access to social networking sites to make sure only those employees who need acce... Ask the Expert
-
What are effective ways to stop instant messaging (IM) spam?
In this expert Q&A, Michael Cobb reveals what techniques and tools can be used to stop instant messaing spam, or spim, in the enterprise. Ask the Expert
- See more Expert Advice on Social media security risks and real-time communication security
-
pharma hack
The pharma hack is an exploit that takes advantage of vulnerabilities in WordPress or Joomla documents, causing search engines, notably the one hosted by Google, to return ads for pharmaceutical products along with legitimate listings. Definition
-
likebaiting
Likebaiting is the practice of trying to compel Facebook users to click the Like button associated with a piece of content. The practice is similar to linkbaiting, in which content producers craft content with the intent of getting people to link to ... Definition
-
likejacking
Likejacking is a variation on clickjacking in which malicious coding is associated with a Facebook Like button. The most common purposes of likejacking include identity theft and the dissemination of viruses, social spam and hoaxes. Definition
-
greynet (or graynet)
Greynet is a term for the use of unauthorized applications on a corporate network. A greynet application is a network-based program that corporate network users download and install without permission from their company's IT department. Definition
-
Mobile malware and social malware: Nipping new threats in the bud
Learn mobile and social media malware prevention tactics as contributor Lisa Phifer analyzes the malware risks of social media and mobile devices. Video
-
Social media legal issues: Advice for IT security pros
Video: When a company or its employees use social media, the IT team should understand the legal terms and conditions of each social media site. Video
-
Screencast: How to use WPScan to provide WordPress plug-in security
Mike McLaughlin displays the abilities of WPScan and the simplicity the tool offers in assessing the security of WordPress plug-ins and avoiding related security vulnerabilities. Video
-
Faceoff: Has social networking changed data privacy and security?
In this exclusive conversation, security industry luminaries Hugh Thompson, founder of People Security, and Adam Shostack, author of "The New School of Information Security," discuss the state of social networking and data privacy, and why the social... Video
-
Podcast: Top 5 quick tips for safer instant messaging
Michael Cobb of Cobweb Applications counts down five quick tips that can secure IM in the enterprise. Cobb discusses account naming rules, acceptable use policy, instant messaging encryption and much more. Podcast
-
Gaging the security risk posed by the WordPress pingback vulnerability
Security expert Nick Lewis details the WordPress pingback vulnerability and advises whether it is time to update custom WordPress implementations. Answer
-
Avoiding pitfalls in social media compliance, security
Expert Mike Chapple offers regulatory compliance advice regarding the management of enterprise social media accounts. Answer
-
Trusteer warns of new man-in-the-browser Twitter attack
The attack seeks to compromise a Twitter webpage via a man-in-the-browser attack. Trusteer warns it could be a harbinger of broader future attacks. News
-
pharma hack
The pharma hack is an exploit that takes advantage of vulnerabilities in WordPress or Joomla documents, causing search engines, notably the one hosted by Google, to return ads for pharmaceutical products along with legitimate listings. Definition
-
Safely using shortened URLs requires user education, technology
Expert Nick Lewis delves into the potential threat posed by shortened URLs and what enterprises can do to protect users from malicious short URLs. Answer
-
Mobile malware and social malware: Nipping new threats in the bud
Learn mobile and social media malware prevention tactics as contributor Lisa Phifer analyzes the malware risks of social media and mobile devices. Video
-
likebaiting
Likebaiting is the practice of trying to compel Facebook users to click the Like button associated with a piece of content. The practice is similar to linkbaiting, in which content producers craft content with the intent of getting people to link to ... Definition
-
likejacking
Likejacking is a variation on clickjacking in which malicious coding is associated with a Facebook Like button. The most common purposes of likejacking include identity theft and the dissemination of viruses, social spam and hoaxes. Definition
-
How to reassess privacy settings in wake of Facebook cloaking issues
Expert Nick Lewis discusses how Facebook cloaking exposed users' personal info and why it's important to control social media security settings. Answer
-
Assessing Pinterest security and defending against Pinterest spamming
Expert Nick Lewis discusses the state of Pinterest security and provides info on preventing Pinterest spamming and other social engineering attacks. Answer
- See more All on Social media security risks and real-time communication security
About Social media security risks and real-time communication security
This topic section focuses on social media security and real-time communications security. Here you will receive tips and advice from our experts on social media security best practices, including creation and implementation of social media security polices, employee awareness and risk assessments, and updates and news on current social media security risks and threats and real-time communication security issues.