While the basic risks of social media are well known to most enterprise security managers, there are many dark corners of social media that can be just as dangerous or even more so. Here are three ways that social media can sneak malware and exploits across your corporate firewalls, and ways that you can pay attention and hopefully prevent their misuse. The biggest issue is that many corporate executives don’t really know what is going on across their networks, and don’t have any visibility into the traffic patterns and potential exploits.
HTTPS isn’t necessarily as secure as you think.
SSL/TLS encryption is overwhelmingly the most common encryption protocol used in modern Web applications – from social media sites (like Twitter or Facebook), webmail (like Gmail) or cloud sync services (like Dropbox). And while for the most part, this protocol does a good job of protecting user privacy.
However, if you’re already on a company network or connected via a VPN, then these encrypted connections may also be putting you (and your company) at increased risk. The main reason for this is that the encrypted tunnel between you and the server hides the network traffic, but doesn’t protect you from threats on the site that you are already connected to. So even if hackers can’t view the web traffic that you are sending to a social network’s servers, they are still able to attack you with clickjacking and other exploits commonly employed in social network attacks on the site itself.
For IT, the bottom line is that if you can’t see encrypted traffic, you can’t fully protect your users online. Fortunately, network security companies know this and I predict that in the future there will be two kinds of security companies: those that can decrypt SSL traffic and those that will be adding this crucial feature.
Mobile Devices May Be the Weakest Link
A few years ago, even a rumored piece of mobile malware in the wild could grab global headlines. But 2011 was the year that mobile malware went from “proof of concept” to “real threat” – and 2012 will likely only be worse, with malvertising and botnets on mobile devices predicted to increase.
René Bonvanie is the Chief Marketing Officer at Palo Alto Networks, the network security company.
But the biggest threat may come from mobile applications themselves, few of which protect login credentials adequately. From a security perspective, a compromised mobile application is not “less bad” than a compromised desktop client or a compromised network. If your username and password for a Web application is compromised on your mobile device, perpetrators can use your accounts for illicit purposes. This includes the accounts you use at work. Also, remember that if your mobile device is logged on to the company Wi-Fi network, then all the applications on that device are also operating on the enterprise network. Even without a formal bring-your-own-device (BYOD) policy, anyone in the company with a copy of a network Wi-Fi password can potentially put their personal device on your network.
Suspicious Browser Extensions and Third-Party Apps
Everything that was said about mobile applications applies doubly to third-party applications, browser plug-ins and scripts for sites such as Facebook, Google+ and other platforms that integrate with trusted Web applications. Everything that we said before about how to secure yourself from Web application threats – gaining more visibility into your network traffic, making sure your security can identify malicious activity even when it’s encrypted, and establishing best practices for end users to follow – also applies to browser extensions and third-party applications.
The Best Defense?
As we’ve seen, there are many different and varied threats that put both the enterprise and individual employees at risk. While there is not a single silver bullet that can eliminate all threats to the enterprise, educating users and implementing IT best practices can greatly mitigate them. It’s also important to note that allowing these social web applications on the network is still beneficial for the enterprise as a whole, providing benefits from increased productivity and improved collaboration to higher overall employee morale. IT should engage with users so that they can keep up with the pace of change and security needs of their employees who are on the social web.
