This article originally appeared in the Oct. 2011 issue of INTERNET TELEPHONY
Firms are using more consumer-style web applications, and 84 percent of firms are increasing their use of web applications, according to Forrester (News - Alert). As consumer grade tools and services such as blogs, Twitter, Facebook and LinkedIn enter into the IT security landscape, companies are encountering increasing risks. Internet applications, web services and other consumer online products are swiftly distorting the lines between corporate and personal usage, while data loss and malware outbreaks are snowballing out of control.
Banning the use of consumer-style tools like Twitter, Facebook and LinkedIn (News - Alert) by employees is no longer practical. Furthermore, interference and application control policies are turning out to be useless with dynamic user produced content and cross-site, drive-by attacks on reliable websites. All of this compounded by the ability to gain access via multiple endpoints including mobile devices, PDAs, and tablets.
Deep content inspection-based security solutions empower organizations to take advantage of the benefits of social media, while safeguarding organizational policies and guaranteeing compliance mandates are met. The solutions offer strong visibility of the application content and the aptitude to apply flexible policies over users, applications and protocols based on the real-time comprehension of the intent of these applications.
Placing remediation-based, high-performance web security products with deep content inspection in their networks permits organizations to certify real-time security enforcement when retrieving dynamic web applications. Organizations no longer need to agonize over what is being approved when they know that malicious content is blocked and only clean content is accessible.
Traditional methods that rely on allow or block policies are now out-dated since employees utilize social media for both work and non-work related activities. Alternatively, security platforms that permit clean content offer greater benefits to the organization by scanning and securing everything coming in and out of the network to protect against malware transmissions, data loss and blended threats.
Hackers are capitalizing on the downloading of malicious content or browsing malicious sites and thereby increasing the popularity of psychological manipulation of end users by hackers through social media. Recent studies by a leading security vendor show that social networking sites are ten times more effective at delivering malware than previous methods of e-mail delivery. To defend an organization against these socially engineered attacks, inline real-time threat protection and malware analysis of all content, including hidden injected malware attacks and downloads, is essential. Deep content inspection-based solutions, with high-performance architecture and anti-malware analytical engines are capable of effectively analyzing web traffic for malicious attacks at all endpoints. This provides organizations with the comfort of knowing that they are still protected, even if their employees have been tricked.
Deep content inspection-based data filtering and content scanning capabilities can precisely monitor and control sensitive data transmitted in web, e-mail, and network applications, thus averting costly information leaks being transmitted through traditional or consumer-focused applications. Organizations must continue to assess the application of policies that are intended to protect sensitive corporate information being retrieved through consumer-style applications (fileshare, Gmail documents, etc.) or other social media sites.
Social media carries an array of legal risks and requires the same compliance and regulations that govern e-mail and the static web. Whether a firm allows the use of social media or not, employees continue to use these sites, opening up the company to potential compliance violations. Companies are able to expand their reach to Web 2.0 and social media in order to maintain compliance by ensuring that an organization’s internal policies and archiving systems are safe.
TMCnet publishes expert commentary on various telecommunications, IT, call center, CRM and other technology-related topics. Are you an expert in one of these fields, and interested in having your perspective published on a site that gets several million unique visitors each month? Get in touch.
Edited by Jennifer Russell