Solved

Should I block social media on my corporate network?

Posted on 2014-12-08
Last Modified: 2014-12-18
Hello all,
I am getting mixed signals on the vulnerability of allowing social media on my corporate network.  I am contemplating blocking all access to social media for all users except our Marketing department, which is the only area that really needs access, and allowing them access through a separate network.  I guess my first question is:
 Is social media a vulnerability to my corporate network?
 Is it overkill to worry about letting users have access to social media via our corporate network?
My belief is, better safe than sorry.   I am looking forward to the responses and your views on social media in the workplace.
Question by:brisma
12 Comments
 
LVL 20

Accepted Solution

by:
Russ Suter earned 250 total points
ID: 40487046
Social media, in and of itself, doesn't really represent much of a security risk. The risk is the people using it. If you have truly savvy users then there's little to worry about. I've yet to work at a company where I don't have at least a few users who shouldn't be anywhere near a mouse.

The other issue is one of productivity. Restricting users' access to social media sites gives them one less distraction from doing their regular work.
0
 
LVL 92

Expert Comment

by:John Hurst
ID: 40487047
Social media is a fruitful way to socially engineer bogus links which harbor viruses and malware designed to steal information from computers. You cannot stop this.

So to the extent you allow it (for specific users or for everyone), you need to train people on common sense computing. People should not click on links they do not know or understand no matter how inviting. Social "friends" may not be friends at all.
0
 
LVL 26

Assisted Solution

by:Thomas Zucker-Scharff
Thomas Zucker-Scharff earned 250 total points
ID: 40487066
The 2 previous experts have hit it on the head.  SM can be a boon, especially to HR, but user training is a must.  Links in Twitter are the worst.  I have had many people infected because they haphazardly click links in Twitter posts.  Note that even if you block SM by blocking port 448, it is fairly easy to set up notifications through email, so the user training is imperative.
0
 
LVL 37

Expert Comment

by:Neil Russell
ID: 40487074
"The other issue is one of productivity. Restricting users' access to social media sites gives them one less distraction from doing their regular work."

Unfortunately it has been found that blocking social media generally leads to staff being EVEN LESS productive than when you allow it.  Those people addicted to social media will resort to using their personal smart phone and using social media on those devices.  We took the decision over a year ago to allow social media to all 4000+ employees and after an initial burst in network traffic we see hardly any noticeable increase now at

Of course we have a policy in place that states clearly what is and is not acceptable, when and how social media can/should be used.  Users generally tend to behave better when treated as responsible adults rather than as convicts or children.
0
 

Author Comment

by:brisma
ID: 40487119
I thank you all for the replies.  We are a very small company and I am the lone IT guy.  Russ made a point that there are some users that should not have access to a mouse. I agree with that statement wholeheartedly, and it does not matter how much training you do, there will always be problems.  I believe 90% of vulnerability is the end user.   Neilsr brought up a study that stated allowing SM improves employee productivity.  That may be true in some cases, but I can say I had a supervisor come to me and request blocking certain sites and monitoring internet activity, and that person told me that productivity improved in the department and her employees were getting their jobs done.  I look forward to more replies.
0
 
LVL 92

Expert Comment

by:John Hurst
ID: 40487145
The latter point you made is more a management point than the social engineering / malware point.

It is really up to management to monitor people's productivity. If they cannot help but muck around with Facebook, Twitter and so on, then they should be blocked. But to say again, this is a management issue.
0
 
LVL 37

Expert Comment

by:Neil Russell
ID: 40487154
Bear in mind that Monitoring and Blocking are two very different things. We don't block but we do monitor. As I said, we have clear policies and guidelines that explain what an employee can and cannot do.
If you have a good policy in place then it is about people management. If you have staff spending 50% of a working day on SM then you have an HR issue, not a technical one.
0
 

Author Comment

by:brisma
ID: 40487165
So to steer this back to a security question.
If social media is not imperative for users, would you take the necessary step to eliminate it from your corporate network and have it accessible on a separate network for the users who do need it?
Or is this overkill?
0
 
LVL 92

Expert Comment

by:John Hurst
ID: 40487173
I would look at your firewall or other like product to block people from websites. Putting them on a separate network causes complications and I think is overkill.

At my clients, management practices and training solve most of the problems.
0
 
LVL 37

Expert Comment

by:Neil Russell
ID: 40487562
Agreed. As I said, it's not a technical but a political and management issue.   If you can't trust your users to be sensible then should they be your users?  If your antivirus and web monitoring software do not do their job correctly, replace them.

A user that feels trusted and appreciated is far more likely to be productive than one who you tell "We don't trust you, you can't access the internet because you might do stupid things".

As they say, A happy workforce is a productive workforce.
0
 
LVL 26

Expert Comment

by:Thomas Zucker-Scharff
ID: 40487586
Well said, neilsr, but I can't trust my boss because he can be relied upon to click on any old link that comes his way.  I have straightened out his machine more times than I would like to count.  In order to get work done and make it a little easier on him I tell him certain things just can't be done, even if they can.  It works; since he is not willing to change his browsing/clicking habits, this is the only solution I came up with that appeases all sides.  I lock down his machine as much as possible without making it impossible for him to work.

I make more frequent backups of his data than of others'. His machine has a greater degree of security than most as well.
0
 
LVL 10

Expert Comment

by:Schuyler Dorsey
ID: 40507277
Social media DOES have some security implications. There have been a lot of strains of malware over the past 24 months that use Facebook and Twitter as their C2 server.

For example, the malware writer may create a Twitter profile and tweet to it. When the malware infects a computer, it will make a call out to Twitter to check that Twitter profile. The malware writer's tweets act as commands to the malware.

Blocking social media is usually a BUSINESS decision though and not a technical decision. But at the same time, you need to understand the technical security risk as well.
0
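A defender-side sketch of how the profile polling described in the comment above could be spotted in web proxy logs; this is an added example, not part of the original thread. The log format, client addresses, profile path, watch list and thresholds are all constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Constructed proxy log lines (not from the thread): time, client IP, host, path
SAMPLE_LOG = """\
2014-12-08T09:00:00 10.0.0.21 twitter.com /example_profile
2014-12-08T09:05:01 10.0.0.21 twitter.com /example_profile
2014-12-08T09:10:00 10.0.0.21 twitter.com /example_profile
2014-12-08T09:14:59 10.0.0.21 twitter.com /example_profile
2014-12-08T09:20:00 10.0.0.21 twitter.com /example_profile
2014-12-08T09:01:10 10.0.0.35 twitter.com /home
2014-12-08T09:17:05 10.0.0.35 twitter.com /home
2014-12-08T11:42:30 10.0.0.35 twitter.com /home
2014-12-08T13:05:12 10.0.0.35 twitter.com /home
"""

SOCIAL_HOSTS = {"twitter.com", "facebook.com"}  # assumed watch list


def parse(log_text):
    """Yield (timestamp, client, host, path); skip malformed lines."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        try:
            yield datetime.fromisoformat(parts[0]), parts[1], parts[2].lower(), parts[3]
        except ValueError:
            continue  # unparseable timestamp


def find_regular_pollers(log_text, min_hits=4, max_jitter=0.1):
    """Return sorted (client, host, path, mean_gap_seconds) for timer-like polling."""
    hits = defaultdict(list)
    for ts, client, host, path in parse(log_text):
        if host in SOCIAL_HOSTS:
            hits[(client, host, path)].append(ts)
    findings = []
    for (client, host, path), times in hits.items():
        if len(times) < min_hits:
            continue
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        avg = mean(gaps)
        # Humans browse at irregular intervals; a polling timer does not.
        if avg > 0 and pstdev(gaps) / avg <= max_jitter:
            findings.append((client, host, path, round(avg)))
    return sorted(findings)
```

Request paths are only visible for HTTPS traffic when the proxy inspects TLS; without that, the same interval check can be run per client and host. A finding is a lead to investigate on the endpoint, since legitimate widgets and feed readers also poll on a timer.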
