Establishing Digital Trust: Don't Sacrifice Security for Convenience
Quarterbacks Peyton Manning and Drew Brees will take their share of hits this coming Super Bowl Sunday, but IT departments should be on the defensive, as well. Network security firm Palo Alto Networks warns major events like this inevitably lead to big increases in bandwidth use and security issues the day after, if not longer.
"I think any time you have these kind of broad-based, cultural events, whether it's the Super Bowl, March Madness, an election, the Grammys or Oscars or the Olympics, a lot of people tune in and when they get to work, they change the way they interact," Chris King, director of product marketing at Palo Alto Networks," told InternetNews.com. "They go to Facebook, Twitter and these other social networking sites to interact instead of the water cooler."
And that interaction can lead to big jumps in bandwidth use, enough to affect a company's network performance, as well as raise numerous security concerns.
Palo Alto Networks does a biannual survey of IT clients tracking network use based on data that is anonymized. In its just-released Application Usage and Risk Report covering a six-month period in late 2009 of consumer user habits at work, the company found that Twitter use had grown inside the enterprise by 54 percent over the previous six-month period reported last spring. Active Twitter sessions grew 252 percent and bandwidth consumption skyrocketed over that period some 775 percent.https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
The company said the latest report is based on results from 213 global enterprise customers.
"You look at the bandwidth growth, that's a lot of tweets at 140 characters per tweet," said King, who added many tweets include bandwidth hungry links to videos. The report also found that Twitter has quickly risen to become the most used instant messaging application ahead of Yahoo or AOL Instant Messenger (AIM).
Avoid knee-jerk responses
King noted that Twitter, Facebook, and other social networks have been targets for phishing attacks and used to spread malware, and those threats increase as the use of social media increases.
"The knee-jerk response of a lot of IT folks is going to be to address the productivity and bandwidth issues by cutting off access, but that's not always a good solution," said King.
"The most basic reason is they don't have the facilities to effectively limit access," he continued. "They might try URL filtering, but users are smart enough to get around that. The standard approach of limiting port and IP addresses doesn't work because users can still get at the applications. So the problem is that blocking social networks summarily doesn't work and allowing their use blindly is risky."
"You need to strike a good balance to safely enable Web applications," he said. "Maybe you limit the functionality of some sites and scan for threats. For example, allow Facebook, but don't allow Mafia Wars," (a popular game on Facebook).
One thing to scan for on Twitter is the shortened URLs which have been known to have been used in phishing attacks, sending users to phony and potentially dangerous sites.
Third-party vendors offer a range of solutions. Palo Alto Networks is one of a number of a companies that specialize in firewall and other security tools.