Presentation is loading. Please wait.

Presentation is loading. Please wait.

Social Networking: What You Don’t Know Can Hurt You Jim Hilsenrod.

Similar presentations


Presentation on theme: "Social Networking: What You Don’t Know Can Hurt You Jim Hilsenrod."— Presentation transcript:

1 Social Networking: What You Don’t Know Can Hurt You Jim Hilsenrod

2 Agenda Intro About Actiance Social Media on the Rise Benefits of Social Media Understanding the Risks Applicable Regulations Anecdotes Applying Appropriate Controls Wrap-up Confidential and Proprietary © 2011, Actiance, Inc. All rights reserved. 1

3 About Actiance Confidential and Proprietary © 2011, Actiance, Inc. All rights reserved. 2  Enable the New Internet – 4,500+ Web 2.0 apps, Unified Communications, Social Networks  Global operations – USA, EMEA, India, Asia/Pacific  Market Leader – 9 of the top 10 US banks – Top 5 Canadian banks – 3 of the top 5 energy companies  Broadest Partner Ecosystem – Technology alliances

4 Social Is Booming Confidential and Proprietary © 2011, Actiance, Inc. All rights reserved. 3 Social Networking Social Collaboration Social Publishing Social Feedback

5 Upside of Social Media Generate buzz and increase visibility Strengthen customer relations Build an additional revenue source Extend your brand Confidential and Proprietary © 2011, Actiance, Inc. All rights reserved. 4

6 Risks of Using Social Media and Web 2.0 Data Leakage Personal Information Intellectual Property Credit Card, SSN Client Records Incoming Threats Malware, Spyware Viruses, Trojans Inappropriate Content Compliance & eDiscovery SEC, FINRA HIPAA, FISMA SOX, PCI, FSA FRCP- eDiscovery FERC, NERC User Behavior Employee Productivity Bandwidth Explosion Every employee is the face of business Confidential and Proprietary © 2011, Actiance, Inc. All rights reserved.

7 Web 2.0 & Social Networks Regulation & Compliance SEC and FINRA Obliged to store records and make accessible. Public correspondence requires approval, review and retention. Extended to social media. Gramm-Leach-Bliley Act (GLBA) Protect information, monitor for sensitive content, and ensure not sent over public channels (e.g., Twitter) PCI Ensuring cardholder data is not sent over unsecured channels AND PROVING IT Red Flag Rules Prevent identity theft. Protect IM and Web 2.0 from malware and phishing when users are more likely to drop their guard. FRCP (eDiscovery) and IM are ESI. Posts to social media sites must be preserved if reasonably determined to be discoverable. Sarbanes-Oxley (SOX) Businesses must preserve information relevant to the company reporting. RegulationSocial Network and Web 2.0 Impact Confidential and Proprietary © 2011, Actiance, Inc. All rights reserved.

8 Real-Life Anecdotes Citibank Deloitte Financial Northshore Bank Online Banking Confidential and Proprietary © 2011, Actiance, Inc. All rights reserved. 7

9 So who’s using Social Media? And Why?  Sales & Marketing  Promotions  Advertising  Branding  HR  Background checks  Recruiting  Scientists & Researchers  Information exchange  Collaboration  IT  Investigation of security breaches Confidential and Proprietary © 2011, Actiance, Inc. All rights reserved.

10 Social Networking: Balancing Benefit & Risk Risks & Challenges  Employee productivity – Control who can access what, when, and for how long  Content security – Introduction of malware  Brand and reputation protection – Allow “approved corporate posters” to self-moderate – Moderate posts from unapproved corporate posters  IP/Information Leak Prevention/NDA compliance – Sensitive, confidential term dictionary matching – Stop contract staff accidentally leaking your secrets – Quarantine posts for moderation by a reviewer – Quick deployment, no desktop touch  Compliance with regulation (e.g., FINRA, PCI) – Archive content – Stop credit card number patterns – Control specific content Confidential and Proprietary © 2011, Actiance, Inc. All rights reserved.

11 Appropriate Controls: The Basics Who needs controls applied?  Users within your organization - HR, Marketing, Sales, IT? How do I apply these controls?  Are there tools available? Where do I get started? Confidential and Proprietary © 2011, Actiance, Inc. All rights reserved. 10

12 Appropriate Controls: The Specifics Confidential and Proprietary © 2011, Actiance, Inc. All rights reserved. 11 Identity managementEnsure that all the different logins of an individual link back to corporate identity Activity controlPosting of content allowed for marketing but read-only for everyone else Granular application controlEmployees can access Facebook, but not Facebook Chat or Facebook Games Anti-malwareProtect network against hidden phishing or Trojan attacks Data leak preventionProtect organization from employees disclosing sensitive information ModerationMessages posted only upon approval by designated officer Logging and archivingLog all content posted to social networks Export of dataExport stored data to any archive or WORM storage IssueControl Requirements

13 USG: Enable the ‘New Internet’ URL Filtering Anti-Malware Anti-Virus Unified Policy Management AD Integration, Company/Group/User, Time of Day, Bandwidth Application Control & Security Application Enablement Application Control Engine Reporting Public IM Web 2.0 & Application Control Socialite Web 2.0 Enablement Confidential and Proprietary © 2011, Actiance, Inc. All rights reserved.

14 USG: Visibility & Control of More Than 4,500 Applications Social Networking914 Instant Messaging255 IPTV76 Remote Admin Tools41 P2P166 VoIP96 Web Conferencing55 Commercial Monitoring Software215 Anonymizer32 Webmail CategoryNumber Example Confidential and Proprietary © 2011, Actiance, Inc. All rights reserved.

15 SaaS Infrastructure Fully Redundant Architecture End-to-End Failover Fully Redundant and Mirrored Database Extensive Network and Application Monitoring and Alerting Confidential and Proprietary © 2011, Actiance, Inc. All rights reserved.

16 Questions Jim Hilsenrod


Download ppt "Social Networking: What You Don’t Know Can Hurt You Jim Hilsenrod."

Similar presentations


Ads by Google