Do you allow social media sites
I was wondering how everyone handles social media sites (facebook, twitter, youtube, etc) at their companies.
We only allow it by request and it needs to be approved by management. There's some debate on whether it should be opened for all
I'm not a security expert, but it seems risky
thoughts?
We only allow it by request and it needs to be approved by management. There's some debate on whether it should be opened for all
I'm not a security expert, but it seems risky
thoughts?
Comments
-
LordQarlyn Member Posts: 693 ■■■■■■□□□□Social media sites are a social engineer's goldmine. Too many people input everything about themselves on them. Not to mention, they are bandwidth intensive. In developed countries that may not be as big deal but here bandwidth costs $600 per Mbps, so companies have to have small pipelines. Social media apps can spread malware, notably Trojans, but Locky ransomware was spread by images in Facebook and LinkedIn. So, yes they have risks, they can waste time, and they can clog bandwidth.
We used to have a generous social media policy, Facebook for all its flaws is still a good tool to stay in touch with loved ones. But as our company grows here, and people abuse it, we've had to cut down. I've set caps for bandwidth for all social media sites to 5% of our pipeline excepting LinkedIn, allowing for case by case exceptions. Safety and training can use YouTube for training videos, for example. -
tedjames Member Posts: 1,182 ■■■■■■■■□□We allow it but only with management approval if there is a legitimate business need. Otherwise, staff can always check their social media accounts with their personal smart phones.
-
Danielm7 Member Posts: 2,310 ■■■■■■■■□□Most social media is allowed at my workplace, streaming audio/video is not, some other restrictions. But if you want to check FB on some downtime, go crazy. If the bandwidth is in check, then it's a management problem if someone abuses it.
-
UnixGuy Mod Posts: 4,570 ModMost companies allow them these days...something about work life balance etc etc
-
MalwareMike Member Posts: 147 ■■■□□□□□□□To follow what UnixGuy said, most of the companies I have worked for allow it. The only place I knew who really blocked sites was a bank I worked at...which makes sense.Current: GSEC, GCIH, GCIA, GWAPT, GYPC, RHCSA, WCNA
2019 Goals: CISSP, Splunk certifications (Certified Core, Power User, Admin, and Architect)
Twitter: https://twitter.com/Malware_Mike
Website: https://www.malwaremike.com -
tedjames Member Posts: 1,182 ■■■■■■■■□□I worked a six-month contract at Dell in 2006. At the time, they blocked everything right now to Yahoo mail and LinkedIn. My last state agency didn't block anything. However, they monitored traffic pretty heavily. How one of my co-workers got away with streaming Netflix, I'll never know.
-
jamshid666 Member Posts: 48 ■■■□□□□□□□I currently work for a federal agency, I'm lucky when I can get to a legitimate site let alone anything like social media.WGU BS - Network Operations and Security Estimated completion: May 2019
Remaining courses: C846 (ITIL), C768 (OA), C850 (OA), C769 (Capstone)
Active Certifications: A+, CCDA, CCNA-R&S, CCNA-Security, CIW-SDA, i-Net+, Network+, Project+, Security+, Server+, Splunk Certified User, VCP-DCV
Expired Certifications: CCNP, LPIC-1, MCSE, RHCSE, -
cyberguypr Mod Posts: 6,928 ModMy company is very strict about about web access. We allow it but monitor it diligently. Due to documented incidents involving data exfil we block social, personal email, and file sharing sites as the risk is above our appetite. We also block streaming because it was being abused. As for everything in life, there’s a process to build a business case and request an exception for all of these. We provide an isolated guest network for people to hook up their personal devices if they chose so.
-
E Double U Member Posts: 2,240 ■■■■■■■■■■Pretty liberal where I am and many things (gambling, ****, social media, streaming) are not blocked. A decision was made to block webmail though because of some recent incidents. So I cannot access my Gmail, but just last week while checking a Splunk dashboard we saw lots of traffic from a user going to an orgy site lol.
I recall having a discussion with a colleague about this one user that got some virus pop-ups after visiting some "adult-oriented" sites and he told me that we couldn't officially tell him it isn't allowed. We can give warnings about the potential harm of certain types of sites, but not that the specific category is not allowed. He said people are allowed to use their computers as they wish outside of normal working hours. I argued that company equipment should follow company policy regardless of time and then I discovered that there was no policy violation. We really respect work-life balance here, well, that is unless you want to check your personal emailAlphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS -
blargoe Member Posts: 4,174 ■■■■■■■■■□No access to any social media or email unless you are a recruiter, marketing, or an executive.IT guy since 12/00
Recent: 11/2019 - RHCSA (RHEL 7); 2/2019 - Updated VCP to 6.5 (just a few days before VMware discontinued the re-cert policy...)
Working on: RHCE/Ansible
Future: Probably continued Red Hat Immersion, Possibly VCAP Design, or maybe a completely different path. Depends on job demands... -
DZA_ Member Posts: 467 ■■■■■■■□□□Like most folks on the thread, my employer blocks most social websites however I did see some fall through the cracks like Vimeo and surprisingly Spotify. My previous employer had the flood gates open where as on the production network, you could browse all social media websites. At this same company (MSP), I had to unblock a website called "ZipperCellblock" that a music licensing company (our client) needed access to as they were their client. We got weird requests for whitelists approvals every now and then.
-
shednik Member Posts: 2,005We're limited very little where I work now, but I've been at places that were pretty strict.
-
jcundiff Member Posts: 486 ■■■■□□□□□□cyberguypr wrote: »My company is very strict about about web access. We allow it but monitor it diligently. Due to documented incidents involving data exfil we block social, personal email, and file sharing sites as the risk is above our appetite. We also block streaming because it was being abused. As for everything in life, there’s a process to build a business case and request an exception for all of these. We provide an isolated guest network for people to hook up their personal devices if they chose so.
this is us as well"Hard Work Beats Talent When Talent Doesn't Work Hard" - Tim Notke -
umarbhatti Member Posts: 67 ■■□□□□□□□□I am working on a Fed Gvt project so when i use that machine all sites are blocked apart from pre-approved site.
Non-Gvt workstation all sites are open (thats a benefit of being in IT)
For end users, social media is blocked. Everyone has smart phones these days anyway