BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Utilizing Social Media Platforms Carry Security Threats to Organizations

Posted June 15, 2012    Peter McCalister

Social Media is transforming the way businesses are branding and marketing their products, and with 900+ million users on Facebook, most of the workforce is participating. These platforms, including Twitter and LinkedIn provide a bridge for relaying information from companies to consumers, and the potential for future growth is prevalent. There are however security risks that need to be addressed in order to avoid catastrophe within.

A large part has to do with the increase of internet use from mobile devices and BYOD. Employees access their social profiles on the same mobile device that they are downloading sensitive documents, and there isn’t much in place to secure the information. Not to mention, the creation of malware for mobile devices went up 273 percent in the first half of 2011 and is still rising according to recent eEye Security Report. Mobile is a new frontier of security and cybercrime, and is still in the growth stage. The technology for security is there, but companies need to keep the pace with their policies.

It is also apparent that hackers and malicious software developers are targeting social media platforms to commit cybercrimes and pilfer information. The rapid growth and recent big IPOs in social technology has received mass attention, both good and bad. In a June 6 article in CNET, it was reported that approximately 6.5 million LinkedIn passwords were hacked and posted on the web. Not a good vote of confidence in leveraging the platform for your business.

Identity and access management truly becomes a crucial piece to perimeter security when you don’t know how safe you really are. In the 2012 Strategic Security Survey by InformationWeek, 86 percent of IT professionals believe that social media sites pose a threat to security. The top threat was 72 percent of cite malware infection was via malicious links. If you can’t monitor the sites that your workforce is visiting, manage the perimeter within in order to maintain safety.

Social media’s infiltration into the enterprise isn’t slowing down, and taking proper precautions, vulnerability management, mobile device management, and privilege access management is essential to keeping the pace against the dark side of innovation and malicious attackers.

Leave a Reply

Additional articles

How To Implement The Australian Signals Directorate’s Top 4 Strategies

Posted October 20, 2014    Morey Haber

The Australian Signals Directorate (ASD), also known as the Defence Signals Directorate, has developed a list of strategies to mitigate targeted cyber intrusions. The recommended strategies were developed through ASD’s extensive experience in operational cyber security, including responding to serious security intrusions and performing vulnerability assessments and penetration testing for Australian government agencies. These recommendations…

Tags:
, , , ,
asp-mvc

Exploiting MS14-059 because sometimes XSS is fun, sometimes…

Posted October 17, 2014    BeyondTrust Research Team

This October, Microsoft has provided a security update for System.Web.Mvc.dll which addresses a ‘Security Feature Bypass’. The vulnerability itself is in ASP.NET MVC technology and given its wide adoption we thought we would take a closer look. Referring to the bulletin we can glean a few useful pieces of information: “A cross-site scripting (XSS) vulnerability exists…

Tags:
4bestpracticesaudits-blog

Four Best Practices for Passing Privileged Account Audits

Posted October 16, 2014    Chris Burd

Like most IT organizations, your team may periodically face the “dreaded” task of being audited. Your process for delegating privileged access to desktops, servers, and infrastructure devices is a massive target for the auditor’s microscope. An audit’s findings can have significant implications on technology and business strategy, so it’s critical to make sure you’re prepared…

Tags:
, , , ,