Manage Learn to apply best practices and optimize your operations.

Social networking best practices for preventing social network malware

Get advice on social networking security best practices that can help prevent data leaks and other social network malware that could harm to your enterprise.

What's your opinion on guidelines for time-out settings, caching and other security best practices with regards to how enterprise users can interact with social networking sites? Is it possible to establish and implement a standard set of guidelines for enterprise users, and would it help to not only prevent data leaks, but also keep emerging social networking malware at bay?

You certainly need to implement and enforce an acceptable usage policy covering the use of social networking sites. As you say, it will help prevent data leaks and reduce the chances of a social networking-based attack from succeeding.

The best way to ensure your policy works is to develop it through consultation with your employees and strictly enforce it. Employees are less likely to circumvent restrictions if they understand the logic behind them and have been involved in developing the overall policy.

It's an enterprise social networking security best practice to permit access only to social networking sites that have obvious business benefits and only to users with a business need to access them. When deciding which sites employees are allowed to access, you should take into account the sites' terms and conditions, as well as what they can do with user information and content.

It is key that all staff receive security awareness training covering your acceptable usage policy for social networking. Promoting good practice and improving user behavior are the best methods of reducing the risks from this form of communication. Many social networking sites' profile pages encourage the publication and sharing of personal information, but it can be harvested and used for phishing or targeted malware attacks against the user or organization, possibly putting personnel safety and the organization's information assets and reputation at risk. Employees need to be made aware that although content can easily be posted, it is essentially impossible to completely delete it.

User training should also cover the common social network malware scams and social engineering techniques used to procure personal or login information. Of course the use of strong passwords should be mandated and, where possible, require users to operate separate personal and work accounts. Also, advise users to make full use of any available privacy settings that control what information is viewable and to whom.

To your question, setting short session time-outs and limiting cached content are good practices. Cached content can be controlled via most browsers, while setting a short idle time to activate a password protected screen saver is one way of combating unclosed sessions.

These are all good practices, but making your security policies enforceable will have a much bigger effect on your users' overall behavior. Web monitoring tools, such as Websense Inc.'s Web Security Gateway, or BlueCoat Systems Inc.'s ProxyAV line, can detect holes in your acceptable usage policy so it can be updated or, when necessary, disciplinary steps can be taken against specific users. Also, data loss prevention (DLP) tools can prevent accidental or intentional data disclosures via social networking by analyzing content, monitoring cut-and-paste actions, and overseeing file access and blocking inappropriate access or transmission, while warning users at the same time.

This was last published in February 2011

Dig Deeper on Social media security risks