Facebook Creates Security Paradox for Enterprises
A new report from Internet security firm OpenDNS finds the social networking site is both the most-blocked site and the second-most allowed site on the Web.
Facebook was the most-blacklisted website in 2010, according to a new report from on-demand security services provider OpenDNS, but it was also the second-most-whitelisted site.
The contradictory data illustrates just how vexing the social networking giant has become for IT administrators torn between protecting corporate data from escalating security threats and enhancing brand awareness and customer interaction across the premier social networking platform.
"Overall, 2010 was all about social, and this trend is reflected in the data were seeing at OpenDNS. Facebook is both one of the most blocked and the most allowed websites, reflecting the push/pull of allowing social sites in schools and the workplace," OpenDNS CEO David Ulevitch said in the report. "This trend was also apparent in the phishing data we analyzed, where Facebook and other websites focusing on social gaming were frequently the targets of online scammers."
The report, which was derived from data culled from more than 30 billion DNS queries a day, found that 14.2 of enterprise and school networks actively blacklisted Facebook last year. MySpace checked in second at 9.9 percent followed by YouTube and DoubleClick.net at 8.1 percent and 6.4 percent respectively.
Not surprisingly, websites defined as "pornographic" (85 percent) were the most-filtered URLs in 2010. Proxy/anonymizer sites, which contains sites users will use to try and circumvent Web content filtering settings, were the next most-blocked sites at 76.2 percent, followed by adware (69 percent), nudity (67 percent), gambling (58 percent) and drugs (57 percent).
Among whitelisted websites, which administrators will often single out from a particular category of websites that might otherwise be blocked, YouTube was given a green light on 12.7 percent of networks, just ahead of Facebook at 12.6 percent.
Gmail (9.2 percent), Google (9 percent) and Translate.Google.com (6.3 percent) rounded out the top five websites given the thumbs-up by administrators.
Once again, online payment website PayPal was by the far the most targeted website for phishing campaigns, accounting for more than 45 percent of all website spoofs in 2010.
Facebook checked in second again at 5.3 percent, just ahead of HSBC Group (4.1 percent), World of Warcraft (3.2 percent) and the Internal Revenue Service (3 percent).
By country, the U.S. hosted a staggering 53.8 percent of phishing websites, far outpacing second-place Germany (6.3 percent) and Canada (5.2 percent).
Keep up with security news; Follow eSecurityPlanet on Twitter: @eSecurityP.