Do you allow social media sites

mnashemnashe Member Posts: 136 ■■■□□□□□□□
I was wondering how everyone handles social media sites (facebook, twitter, youtube, etc) at their companies.

We only allow it by request and it needs to be approved by management. There's some debate on whether it should be opened for all

I'm not a security expert, but it seems risky

thoughts?

Comments

  • LordQarlynLordQarlyn Member Posts: 661 ■■■■■■□□□□
    Social media sites are a social engineer's goldmine. Too many people input everything about themselves on them. Not to mention, they are bandwidth intensive. In developed countries that may not be as big deal but here bandwidth costs $600 per Mbps, so companies have to have small pipelines. Social media apps can spread malware, notably Trojans, but Locky ransomware was spread by images in Facebook and LinkedIn. So, yes they have risks, they can waste time, and they can clog bandwidth.

    We used to have a generous social media policy, Facebook for all its flaws is still a good tool to stay in touch with loved ones. But as our company grows here, and people abuse it, we've had to cut down. I've set caps for bandwidth for all social media sites to 5% of our pipeline excepting LinkedIn, allowing for case by case exceptions. Safety and training can use YouTube for training videos, for example.
  • tedjamestedjames Scruffy-looking nerfherdr Member Posts: 1,179 ■■■■■■■■□□
    We allow it but only with management approval if there is a legitimate business need. Otherwise, staff can always check their social media accounts with their personal smart phones.
  • Danielm7Danielm7 Member Posts: 2,304 ■■■■■■■■□□
    Most social media is allowed at my workplace, streaming audio/video is not, some other restrictions. But if you want to check FB on some downtime, go crazy. If the bandwidth is in check, then it's a management problem if someone abuses it.
  • UnixGuyUnixGuy Are we having fun yet? Mod Posts: 4,250 Mod
    Most companies allow them these days...something about work life balance etc etc
    Certs: GPEN, GCFA, CISM, CRISC, RHCE
    In Progress: MBA
  • mnashemnashe Member Posts: 136 ■■■□□□□□□□
    thanks for all replies. good stuff
  • MalwareMikeMalwareMike GSEC, GCIH, GCIA, GWAPT, RHCSA, WCNA Member Posts: 147 ■■■□□□□□□□
    To follow what UnixGuy said, most of the companies I have worked for allow it. The only place I knew who really blocked sites was a bank I worked at...which makes sense.
    Current: GSEC, GCIH, GCIA, GWAPT, GYPC, RHCSA, WCNA
    2019 Goals: CISSP, Splunk certifications (Certified Core, Power User, Admin, and Architect)
    Twitter: https://twitter.com/Malware_Mike
    Website: https://www.malwaremike.com

  • tedjamestedjames Scruffy-looking nerfherdr Member Posts: 1,179 ■■■■■■■■□□
    I worked a six-month contract at Dell in 2006. At the time, they blocked everything right now to Yahoo mail and LinkedIn. My last state agency didn't block anything. However, they monitored traffic pretty heavily. How one of my co-workers got away with streaming Netflix, I'll never know.
  • jamshid666jamshid666 A+, CCDA, CCNA-R&S, CCNA-Security, CIW-SDA, i-Net+, Network+, Project+, Security+, Server+, Splunk C Fayetteville, NCMember Posts: 48 ■■■□□□□□□□
    I currently work for a federal agency, I'm lucky when I can get to a legitimate site let alone anything like social media.
    WGU BS - Network Operations and Security Estimated completion: May 2019
    Remaining courses: C846 (ITIL), C768 (OA), C850 (OA), C769 (Capstone)
    Active Certifications: A+, CCDA, CCNA-R&S, CCNA-Security, CIW-SDA, i-Net+, Network+, Project+, Security+, Server+, Splunk Certified User, VCP-DCV
    Expired Certifications: CCNP, LPIC-1, MCSE, RHCSE,
  • cyberguyprcyberguypr Senior Member Mod Posts: 6,915 Mod
    My company is very strict about about web access. We allow it but monitor it diligently. Due to documented incidents involving data exfil we block social, personal email, and file sharing sites as the risk is above our appetite. We also block streaming because it was being abused. As for everything in life, there’s a process to build a business case and request an exception for all of these. We provide an isolated guest network for people to hook up their personal devices if they chose so.
  • E Double UE Double U Member Posts: 1,847 ■■■■■■■■■□
    Pretty liberal where I am and many things (gambling, ****, social media, streaming) are not blocked. A decision was made to block webmail though because of some recent incidents. So I cannot access my Gmail, but just last week while checking a Splunk dashboard we saw lots of traffic from a user going to an orgy site lol.

    I recall having a discussion with a colleague about this one user that got some virus pop-ups after visiting some "adult-oriented" sites and he told me that we couldn't officially tell him it isn't allowed. We can give warnings about the potential harm of certain types of sites, but not that the specific category is not allowed. He said people are allowed to use their computers as they wish outside of normal working hours. I argued that company equipment should follow company policy regardless of time and then I discovered that there was no policy violation. We really respect work-life balance here, well, that is unless you want to check your personal email icon_smile.gif
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, and more.

    2021 goals: AZ-303, AZ-304, maybe TOGAF and more ISACA

    "You tried your best and you failed miserably. The lesson is, never try." - Homer Simpson
  • blargoeblargoe Self-Described Huguenot NC, USAMember Posts: 4,174 ■■■■■■■■■□
    No access to any social media or email unless you are a recruiter, marketing, or an executive.
    IT guy since 12/00

    Recent: 11/2019 - RHCSA (RHEL 7); 2/2019 - Updated VCP to 6.5 (just a few days before VMware discontinued the re-cert policy...)
    Working on: RHCE/Ansible
    Future: Probably continued Red Hat Immersion, Possibly VCAP Design, or maybe a completely different path. Depends on job demands...
  • DZA_DZA_ Untitled. Member Posts: 438 ■■■■■■□□□□
    Like most folks on the thread, my employer blocks most social websites however I did see some fall through the cracks like Vimeo and surprisingly Spotify. My previous employer had the flood gates open where as on the production network, you could browse all social media websites. At this same company (MSP), I had to unblock a website called "ZipperCellblock" that a music licensing company (our client) needed access to as they were their client. We got weird requests for whitelists approvals every now and then.
  • shednikshednik Member Posts: 2,005
    We're limited very little where I work now, but I've been at places that were pretty strict.
  • jcundiffjcundiff Member Posts: 486 ■■■■□□□□□□
    cyberguypr wrote: »
    My company is very strict about about web access. We allow it but monitor it diligently. Due to documented incidents involving data exfil we block social, personal email, and file sharing sites as the risk is above our appetite. We also block streaming because it was being abused. As for everything in life, there’s a process to build a business case and request an exception for all of these. We provide an isolated guest network for people to hook up their personal devices if they chose so.

    this is us as well :)
    "Hard Work Beats Talent When Talent Doesn't Work Hard" - Tim Notke
  • umarbhattiumarbhatti Member Posts: 67 ■■□□□□□□□□
    I am working on a Fed Gvt project so when i use that machine all sites are blocked apart from pre-approved site.
    Non-Gvt workstation all sites are open (thats a benefit of being in IT)
    For end users, social media is blocked. Everyone has smart phones these days anyway
  • sonyvaio18sonyvaio18 Registered Users Posts: 4 ■□□□□□□□□□
    This is all good stuff, thanks!
Sign In or Register to comment.