Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
6 Tips For Securing Social Media In The Workplace
Newest First  |  Oldest First  |  Threaded View
Page 1 / 2   >   >>
stuartjacklin
stuartjacklin,
User Rank: Apprentice
9/19/2014 | 3:04:50 AM
Opinion
It's necessary to use Social media websites and Gmail securely on work .The most important thing that can be done is frequently change your passwords and use of  secure browsers can help you to protect your data .

 

www.pitchussocial.com
Bprince
Bprince,
User Rank: Ninja
5/30/2014 | 11:05:21 AM
Re: Secure your social
The point about LinkedIn I think was just brought home by the situation with the Iranian hackers. It is important for organizations, particularly defense and financial organizations, not to underestimate how much social networking sites can be used for the purposes of recon for attackers.

BP
Marilyn Cohodas
Marilyn Cohodas,
User Rank: Strategist
5/22/2014 | 4:04:26 PM
Re: Training
I do think that today most employees today are aware of the risks from social media in the workplace (and at home) but it's easy to fall into bad practices. Technology solutionsn like using Web browsers with high malware block rates seem to me like a no brainer from the IT side. And putting the onus on employees to avoid location-based social media on their corporate mobile devices doesn't seem to onerous. LinkedIn, on the other hand, would require more of an effort in user education. 
JohnPirc
JohnPirc,
User Rank: Author
5/22/2014 | 2:40:19 PM
Re: Secure your social
Thank you Shawn. This point was tied to an actual use case. The amount of data you can mine within LinkedIn isn't only tied to M&A but also employee moral.  When I typically get request to provide recommendations, usually shortly after I gave the recommendation they left their job for another opportunity. Again, I appreciate your commnets.
JohnPirc
JohnPirc,
User Rank: Author
5/22/2014 | 2:31:49 PM
Re: Social media corporate policy
Thank you this is great insight.
PaulS681
PaulS681,
User Rank: Apprentice
5/22/2014 | 8:00:14 AM
Re: Training
It's so easy to say but much harder to do. You have to put time aside for this. That is the toughest part. Real world examples would help. Many that post things about the company don't even realize it, and unless you show them hard examples, they may not get it.

Some kind of interactive piece would also help... Even if that is just asking questions, Get them involved somehow.
jpizzle
jpizzle,
User Rank: Apprentice
5/22/2014 | 6:58:32 AM
Re: Training
Thank you Paul! I couldn't agree with you more.
Marilyn Cohodas
Marilyn Cohodas,
User Rank: Strategist
5/21/2014 | 2:44:15 PM
Re: Training
Finding the happy medium of training that is not too technical or too long -- yet still is effective -- sounds like a pretty tall order. Does anybody want to share their best practices (or lessons learned)? 
PaulS681
PaulS681,
User Rank: Apprentice
5/20/2014 | 7:03:11 PM
Training
Training to backup the company policy is a must. You can put all you want in the policy, people just are not going to read it. You could say that it's their problem if they don't read it but it can make major headaches for IT staff if they do something they shouldn't. Training and talking about it helps alot. Keep the training short and to the point, don't get to technical and you can make your job easier.
cumulonimbus
cumulonimbus,
User Rank: Apprentice
5/20/2014 | 5:34:19 PM
Social media corporate policy
If you think that bad news travels 10x as fast as good, then perhaps a good social media policy is minimalistic? I agree that companies need a "firm but fair" policy for social media, and to educate on the downside. I have seen corporate policies that attempt to limit access to certain sites using third party taxonomy, but I am not sure this works as a moral quotient. In the end it comes down to exercising good judgement through emotional intelligence. Thanks for a great article.
Page 1 / 2   >   >>


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Black Hat USA 2022 Attendee Report
Black Hat attendees are not sleeping well. Between concerns about attacks against cloud services, ransomware, and the growing risks to the global supply chain, these security pros have a lot to be worried about. Read our 2022 report to hear what they're concerned about now.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-38193
PUBLISHED: 2022-08-16
There is a code injection vulnerability in Esri Portal for ArcGIS versions 10.8.1 and below that may allow a remote, unauthenticated attacker to pass strings which could potentially cause arbitrary code execution in a victims browser.
CVE-2022-38194
PUBLISHED: 2022-08-16
In Esri Portal for ArcGIS versions 10.8.1, a system property is not properly encrypted. This may lead to a local user reading sensitive information from a properties file.
CVE-2022-38192
PUBLISHED: 2022-08-16
A stored Cross Site Scripting (XSS) vulnerability in Esri Portal for ArcGIS may allow a remote, authenticated attacker to pass and store malicious strings via crafted queries which when accessed could potentially execute arbitrary JavaScript code in the userâ€â&b...
CVE-2022-38362
PUBLISHED: 2022-08-16
Apache Airflow Docker's Provider prior to 3.0.0 shipped with an example DAG that was vulnerable to (authenticated) remote code exploit of code on the Airflow worker host.
CVE-2022-30264
PUBLISHED: 2022-08-16
The Emerson ROC and FloBoss RTU product lines through 2022-05-02 perform insecure filesystem operations. They utilize the ROC protocol (4000/TCP, 5000/TCP) for communications between a master terminal and RTUs. Opcode 203 of this protocol allows a master terminal to transfer files to and from the fl...