In the September 30th InfoSecurity article, they state that 72% of surveyed businesses block social networking sites. These begs the question, are they truly worried about the security threat aspect of social networking sites, such as Facebook and Twitter, or are they more concerned with the perceived loss in productivity.
Personally I believe they should be concerned with both but I don't believe blocking access is the answer. Obviously, with the high number of malicious code working their way through social networking sites, businesses should be concerned, but I believe they should not block access, but focus on ensuring that their systems are safeguarded against the potential threats.
Anti-Virus protection is pretty obvious, an IDS or IPS would also be a good suggestion as well. In addition, employee education should also be a focus, as most malicious code found on popular sites requires some interaction by the user. Focusing on educating the end-user, will help lessen the risk of incident, as well as help secure the organization.
I do not believe that blocking these sites will protect the company, as any knowledgeable security professional will tell you, if you block something that people want access to, they will find a way to get it. In finding a way to get it, they may damage important systems, inadvertently, to do it or open holes to allow greater threats into the organization.
In addition, I believe blocking social networking sites is not going to last very long, as businesses see more and more opportunity to increase recognition and customer base.
No comments:
Post a Comment