ابدأ بالتواصل مع الأشخاص وتبادل معارفك المهنية

أنشئ حسابًا أو سجّل الدخول للانضمام إلى مجتمعك المهني.

متابعة

What are the best social networking practices for preventing social network malware that every company should follow?

user-image
تم إضافة السؤال من قبل Duaa Saif , Translator & Copywriter , Bayt.com
تاريخ النشر: 2016/03/27
Hamza M Babiker
من قبل Hamza M Babiker , Senior Translator, editor, content writer and media specialist , Freelancer

This is a very nice question by Duaa Saif as it concerns almost  every body here. According to Tony Bradley, PC World, here are three simple things you can do to avoid these attacks and protect your PC and your personal data:

1. Keep your friends close

Take a look at your "friends" on Facebook and on other social networks. How many of those people are people you know personally and trust? Use discrimination in choosing your social network contacts to minimize your exposure to these threats.

2. Exercise caution

Society at large has been brainwashed with the mantra to not open unsolicited or suspicious email file attachments, and to not click on links within email messages. That same common sense logic has to be extended to social networking. Do not open attachments or follow links on messages—even from friends you know—on social networks unless you know what it is. A message to you out of the blue and lacking context should immediately raise some red flags.

3. Protect your PC

Many attacks exploit known vulnerabilities, or even use known malware variants as a means of propagation. Keep your operating system and applications patched and up to date, and use security software to detect and block malware. A security tool with data access monitoring can provide additional protection by ensuring that sensitive information isn't leaving your PC without your knowledge.

Truth be told, the tips for avoiding attacks are pretty much the same as you should follow for email. Use some common sense, and exercise some health skepticism about every message and link, and you can defend yourself against the vast majority of attacks.

Lana Oudeh
من قبل Lana Oudeh , PR Coordinator , Al Ghanem

What's your opinion on guidelines for time-out settings, caching and other security best practices with regards to how enterprise users can interact with social networking sites? Is it possible to establish and implement a standard set of guidelines for enterprise users, and would it help to not only prevent data leaks, but also keep emerging social networking malware at bay?

You certainly need to implement and enforce an acceptable usage policy covering the use of social networking sites....

As you say, it will help prevent data leaks and reduce the chances of a social networking-based attack from succeeding.

The best way to ensure your policy works is to develop it through consultation with your employees and strictly enforce it. Employees are less likely to circumvent restrictions if they understand the logic behind them and have been involved in developing the overall policy.

It's an enterprise social networking security best practice to permit access only to social networking sites that have obvious business benefits and only to users with a business need to access them. When deciding which sites employees are allowed to access, you should take into account the sites' terms and conditions, as well as what they can do with user information and content.

It is key that all staff receive security awareness training covering your acceptable usage policy for social networking. Promoting good practice and improving user behavior are the best methods of reducing the risks from this form of communication. Many social networking sites' profile pages encourage the publication and sharing of personal information, but it can be harvested and used for phishing or targeted malware attacks against the user or organization, possibly putting personnel safety and the organization's information assets and reputation at risk. Employees need to be made aware that although content can easily be posted, it is essentially impossible to completely delete it.

User training should also cover the common social network malware scams and social engineering techniques used to procure personal or login information. Of course the use of strong passwords should be mandated and, where possible, require users to operate separate personal and work accounts. Also, advise users to make full use of any available privacy settings that control what information is viewable and to whom.

To your question, setting short session time-outs and limiting cached content are good practices. Cached content can be controlled via most browsers, while setting a short idle time to activate a password protected screen saver is one way of combating unclosed sessions.

These are all good practices, but making your security policies enforceable will have a much bigger effect on your users' overall behavior. Web monitoring tools, such as Websense Inc.'s Web Security Gateway, or BlueCoat Systems Inc.'s ProxyAV line, can detect holes in your acceptable usage policy so it can be updated or, when necessary, disciplinary steps can be taken against specific users. Also, data loss prevention (DLP) tools can prevent accidental or intentional data disclosures via social networking by analyzing content, monitoring cut-and-paste actions, and overseeing file access and blocking inappropriate access or transmission, while warning users at the same time.

Source: searchsecurity.techtarget

Shaikha Ali AlSowaidi
من قبل Shaikha Ali AlSowaidi , Owner / Marketing Consultant , Marketing Consulting (Company Confidential)

It becomes more and more difficult to protect your social media networks from malware the more interconnected we become online, but there are some prevention methods. One way to do that is to stay aware, alert, and ahead of the game. Research the newest ways that people are attacking networks. It can be as subtle as a trojan attack through Facebook, or embedded coding in a photo on Twitter. The more technology we are exposed to, the smarter the hackers become...so it is our responsibility to make sure that we are doing our due diligence and ensuring that our networks are secure and safe for everyone to use. Especially when it comes to marketing on social media, we have to be careful. We are depending on the social media networks for marketing more these days. We depend on Social Media for so much more than that, we depend on it to stay connected. So it's better to be 100 steps ahead of the malware developers in order to keep the social networks safe.

Ahmed Mohamed Ayesh Sarkhi
من قبل Ahmed Mohamed Ayesh Sarkhi , Shared Services Supervisor , Saudi Musheera Co. Ltd.

wait more details from our experts

 

mohsin farooq
من قبل mohsin farooq , Country Portfolio Manager , Exness.LTD

I think its better to use some security steps and target your audience carefully. We cannot avoid such risks but can minimize with various steps.

د Waleed
من قبل د Waleed , Management - Leadership-Business Administration-HR&Training-Customer Service/Retention -Call Center , Multi Companies Categories: Auditing -Trade -Customer service -HR-IT&Internet -Training&Consultation

Thank You for the invitation ... I would agree with answers that really covered your question ... Variety of correct info and opinions !

مستخدم محذوف‎
من قبل مستخدم محذوف‎

Train your staff to increase security awarenes.

Noura Abdel nasser
من قبل Noura Abdel nasser , events

i think it would be through good train to the employees and to be aware up to date with the new articles and updates 

TAYKER KHAN
من قبل TAYKER KHAN , WAITER , KYO CHON MALAYSIA

The best way to ensure your policy works is to develop it through consultation with your employees and strictly enforce it. Employees are less likely to circumvent restrictions if they understand the logic behind them and have been involved in developing the overall policy.

Hassan El Debbes
من قبل Hassan El Debbes , Managing Director / Marketing Manager , Alarabiya Advertising Co. / Alarabiya Electrical Co.

A better understanding of this threat will lead for better proactive actions that can protect the company from such a digital danger.Experts at IT departments should train the company's employees on a periodic base how to be aware and prevent this threat. 

المزيد من الأسئلة المماثلة