Vulnerabilities / Threats
7/2/2009
02:38 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

Survey: More Than Half Of Firms Plan To Secure Social Networking Use

Compared with a related survey last fall 2008, many more IT pros are reporting use of social media at their companies, according to FaceTime survey's of more than 1,100 IT respondents

BELMONT, Calif., July 1, 2009 " FaceTime Communications " the leading provider of solutions enabling the safe use of Web 2.0 and unified communications in the enterprise " found in a survey that Social Networking is widely accepted by IT respondents, and 51 percent plan to beef up security within the next 12 months.

Compared with a related survey in fall 2008 ("The Collaborative Internet: Usage Trends, IT Attitudes and End User Impact"), many more IT professionals are reporting that social media is in use at their companies, up from 60 percent six months ago to 85 percent now.

FaceTime surveyed more than 1,100 prospects, customers and other IT professionals identified through Twitter, Facebook, Plaxo and LinkedIn between May 21 and June 1.

"The widespread acceptance of social networking as a reality for the corporate network is a relatively new phenomenon," said Nishant Jadhav, director of Product Management for FaceTime Communications. "However, managers are already recognizing the business value of social networking with 31 percent of respondents seeing significant business value and only 21 percent seeing no business value."

More than half of respondents would like to see specific support for Web2.0 integrated into their Web security platform and nearly 20 percent would deploy dedicated solutions to control Web2.0.

"The reality that real-time communications and Web 2.0 applications are highly evasive is sinking in." continued Nishant Jadhav, "These applications are designed to get around Web filtering, firewalls and other traditional security measures through port crawling, tunneling and onion routing."

Other findings:

  • 30 percent would not consider a Web security platform that did not have the ability to secure and manage social networking and Web 2.0 applications
  • 32 percent said social networking is a critical business collaboration tool
  • 87 percent personally use social networks on the corporate network
  • 80 percent said information leakage is a primary concern with social networking use
  • 15 percent said social networking is "blocked" on the corporate network
  • 51 percent estimate that employees use social networks at work more than an hour per day

    Download the survey report Social Networking in the Enterprise: Working, or Not Working.

    About FaceTime's Unified Security Gateway FaceTime's Unified Security Gateway (USG) is a secure Web gateway appliance that integrates Web 2.0 application detection and control, gateway malware protection and Web filtering with FaceTime's best-in-class IM hygiene and archiving. With this single point of control, more than 2,100 Web and real-time applications and many thousands of social networking applications can be tracked, monitored and controlled to give organizations complete visibility into all Internet communications, and simplify administration.

    With USG, IT administrators can set time of day or usage policies across all applications and view detailed reports to gain complete visibility into employees use of the network " not only in terms of browsing but also specific Web 2.0 usage. This complete visibility and control provides IT with a distinct advantage in managing network resources in addition to securing against inbound malware and putting controls in place to prevent outbound data leakage.

    About FaceTime Communications FaceTime Communications enables the safe and productive use of instant messaging, Web usage and Unified Communications platforms. Ranked number one by IDC for five consecutive years, FaceTime's award-winning solutions are used by more than 1,000 customers for security, management and compliance of real-time communications. FaceTime supports or has strategic partnerships with all leading public and enterprise IM network providers, including AOL, Google, Microsoft, Yahoo!, Skype, IBM and Jabber.

    Comment  | 
    Print  | 
    More Insights
  • Register for Dark Reading Newsletters
    Partner Perspectives
    What's This?
    In a digital world inundated with advanced security threats, Intel Security seeks to transform how we live and work to keep our information secure. Through hardware and software development, Intel Security delivers robust solutions that integrate security into every layer of every digital device. In combining the security expertise of McAfee with the innovation, performance, and trust of Intel, this vision becomes a reality.

    As we rely on technology to enhance our everyday and business life, we must too consider the security of the intellectual property and confidential data that is housed on these devices. As we increase the number of devices we use, we increase the number of gateways and opportunity for security threats. Intel Security takes the “security connected” approach to ensure that every device is secure, and that all security solutions are seamlessly integrated.
    Featured Writers
    White Papers
    Cartoon
    Current Issue
    Dark Reading's October Tech Digest
    Fast data analysis can stymie attacks and strengthen enterprise security. Does your team have the data smarts?
    Flash Poll
    Video
    Slideshows
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    CVE-2013-3304
    Published: 2014-10-30
    Directory traversal vulnerability in Dell EqualLogic PS4000 with firmware 6.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the default URI.

    CVE-2013-7409
    Published: 2014-10-30
    Buffer overflow in ALLPlayer 5.6.2 through 5.8.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a .m3u (playlist) file.

    CVE-2014-3446
    Published: 2014-10-30
    SQL injection vulnerability in wcm/system/pages/admin/getnode.aspx in BSS Continuity CMS 4.2.22640.0 allows remote attackers to execute arbitrary SQL commands via the nodeid parameter.

    CVE-2014-3584
    Published: 2014-10-30
    The SamlHeaderInHandler in Apache CXF before 2.6.11, 2.7.x before 2.7.8, and 3.0.x before 3.0.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted SAML token in the authorization header of a request to a JAX-RS service.

    CVE-2014-3623
    Published: 2014-10-30
    Apache WSS4J before 1.6.17 and 2.x before 2.0.2, as used in Apache CXF 2.7.x before 2.7.13 and 3.0.x before 3.0.2, when using TransportBinding, does properly enforce the SAML SubjectConfirmation method security semantics, which allows remote attackers to conduct spoofing attacks via unspecified vect...

    Best of the Web
    Dark Reading Radio
    Archived Dark Reading Radio
    Follow Dark Reading editors into the field as they talk with noted experts from the security world.