Social Networking: What You Don’t Know Can Hurt You Jim Hilsenrod.

Slides:

Advertisements

Similar presentations

Unified Communications Bill Palmer ADNET Technologies, Inc.

Advertisements

By HAIDER I MOHSIN Securing Confidential Data with Data Loss Prevention Systems.

Barracuda Message Archiver

Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 25 & 27 November 2013.

Introducing WatchGuard Dimension. Oceans of Log Data The 3 Dimensions of Big Data Volume –“Log Everything - Storage is Cheap” –Becomes too much data –

Information Security Awareness Training

Chapter 4 McGraw-Hill/Irwin Copyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved. Ethics and Information Security.

Presented by: Dan Landsberg August 12, Agenda  What is Social Media?  Social Media’s Professional Side  Benefits of Social Media  Regulatory.

Security Controls – What Works

Welcome to New Hire Orientation Information Security

CallingSharingMessagingPresenceMeetingsPeople Services DevicesAppliances Manage PSTN Servers and Services 3 rd party ecosystem.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

McGraw-Hill © 2008 The McGraw-Hill Companies, Inc. All rights reserved. Chapter 8 Threats and Safeguards Chapter 8 PROTECTING PEOPLE AND INFORMATION Threats.

Copyright 2011 Trend Micro Inc. Trend Micro Web Security- Overview.

Contact Center Security Strategies Grant Sainsbury Practice Director, Dimension Data.

Security Guidelines and Management

© Centrify Corporation. All Rights Reserved. Unified Identity Management across Data Center, Cloud and Mobile.

Norman SecureTide Powerful cloud solution to stop spam and threats before it reaches your network.

Norman SecureSurf Protect your users when surfing the Internet.

Barracuda Networks Confidential 1 Barracuda Web Filter Overview 1 Barracuda Networks Confidential11 Barracuda Web Filter Overview.

Information Security Information Technology and Computing Services Information Technology and Computing Services

IT-Partners Limited © 2011 IT Partners Limited Y OUR IT SOLUTION P ARTNERS Managing Director Confidential Data Loss Prevention Sunny Ho 1.

Partnering For Profitability Growing your business with Microsoft Forefront Security Solutions Mark Hassall Director Security & Access BG Microsoft Corporation.

External Threats to Healthcare Data Joshua Spencer, CPHIMS, C | EH.

©2012 Check Point Software Technologies Ltd. | [Confidential] For Check Point users and approved third parties Building Your Security Strategy with 3D.

1 Managed Security. 2 Managed Security provides a comprehensive suite of security services to manage and protect your network assets –Managed Firewall.

Market Trends Enterprise Web Applications Cloud Computing SaaS Applications BYOD Data Compliance Regulations 30 Second Elevator Pitch Web browsers have.

Information Security 2013 Roadshow. Roadshow Outline  Why We Care About Information Security  Safe Computing Recognize a Secure Web Site (HTTPS) How.

1 Monday, June 27, 2011Copyright© 2011 Dragnet Dragnet ® Cloud Service Introduction Matthew McLeod, Managing Director

Cyber crime on the rise. Recent cyber attacks How it happens? Distributed denial of service Whaling Rootkits Keyloggers Trojan horses Botnets Worms Viruses.

Marketing of Information Security Products. The business case for Information Security Management.

Social Media Jeevan Kaur, Michael Mai, Jing Jiang.

InterScan Gateway Security Appliance 1.0 Filip Demianiuk Sales Engineer Eastern Europe

1 Brett Roberts Director of Innovation | Microsoft NZ | 28 Aug 07 Technology and Privacy.

Copyright 2009 Trend Micro Inc. Classification 9/9/ Corporate End User Study Employee Online Behavior.

COPYRIGHT © 2007, PATRIOT TECHNOLOGIES, INC. THIRD PARTY BRANDS & NAMES ARE THE PROPERTY OF THEIR RESPECTIVE OWNERS Maryland Digital Government Summit.

1 Solving the records management problem A cloud-computing approach to archiving Amanda Kleha Product Marketing, Google May 20, 2008.

Dell Connected Security Solutions Simplify & unify.

Instant Messaging – Turning Toys Into Tools Presented by: Marla K. Brock – Bilzin Sumberg Kajetan Koci – Loeb & Loeb Kevin Sullivan – Cohen & Grigsby.

Barracuda Web Filter Overview. Introduction to the Barracuda Web Filter Integrated content filtering and Web security –Regulate leisure browsing Adult,

Asif Jinnah Microsoft IT – United Kingdom. Security Challenges in an ever changing landscape Evolution of Security Controls: Microsoft’s Secure Anywhere.

Data Center Firewall. 2 Common IT Security Challenges Does my network security protect my IT environment and sensitive data and meet the regulatory compliances?

Maintaining a Secure Messaging Environment Across , IM, Web and Other Protocols Jim Jessup Regional Manager, Information Risk Management Specialist.

1 Managed Premises Firewall. 2 Typical Business IT Security Challenges How do I protect all my locations from malicious intruders and malware? How can.

ARE YOU BEING SAFE? What you need to know about technology safety Shenea Haynes Digital Citizenship Project ED 505.

Tippecanoe 4-H Computer Project Mikel BergerBret Madsen Ed Evans

Introduction to Barracuda IM Firewall. Two Security Products in One Public IM Management –Manages traffic from public IM clients, including AIM, Yahoo!

Developing a Social Media Policy Manish Mandhyan, CRCM, CAMS.

1 Managing IT and security Risks from Social Media in Your business By Boris Agranovich Copyright.

Protecting Your Business! SBA Ft. Lauderdale November 15, 2006 Gregory Levine, Sr. Director Marketing.

The Changing World of Endpoint Protection

SPAM Settings. The ExchangeDefender Admin Site is a powerful tool that gives you access to all of the benefits ExchangeDefender has to offer, from the.

13-1 Copyright © 2013 Pearson Education, Inc. publishing as Prentice Hall Chapter 13 Information Technology for Business.

FIRMA April 2010 SOCIAL NETWORKING Christine M. Farquhar Managing Director, Compliance J.P. Morgan U.S. Private Banking.

Yair Grindlinger, CEO and Co-Founder Do you know who your employees are sharing their credentials with? Do they?

Complete Cloud Security

Education Archiving, Internet & Social Media Monitoring

Strong Security for Your Weak Link: Implementing People-Centric Security Jennifer Cheng, Director of Product Marketing.

1 Law, Ethical Impacts, and Internet Security. 2 Legal Issues vs. Ethical Issues Ethics — the branch of philosophy that deals with what is considered.

INTRODUCTION  netCORE offers 360 degree digital communication solutions Messaging and Mobility  Pioneers in Linux based mailing solution and catering.

©2012 Check Point Software Technologies Ltd. | [Confidential] For Check Point users and approved third parties Check Point & Security Market June 2013.

Blue Coat Confidential Web and Mobile Application Controls Timothy Chiu Director of Product Marketing, Security July 2012.

Secure Services Shared Hosted MS Exchange 2010.

Compliance for IBM Connections Cinthia Shields Director, Business Development-IBM Partner Manager

Web security | data security | security © 2010 Websense, Inc. All rights reserved. Strategy for Defense Against Web-based Advanced Persistent Threats.

Lecture 9 - Business Information Systems: Electronic Business Systems

Do you know who your employees are sharing their credentials with

Current ‘Hot Topics’ in Information Security Governance Auditing

SOCIAL NETWORKING Christine M. Farquhar Managing Director, Compliance J.P. Morgan U.S. Private Banking.

Presentation transcript:

Social Networking: What You Don’t Know Can Hurt You Jim Hilsenrod

Agenda Intro About Actiance Social Media on the Rise Benefits of Social Media Understanding the Risks Applicable Regulations Anecdotes Applying Appropriate Controls Wrap-up Confidential and Proprietary © 2011, Actiance, Inc. All rights reserved. 1

About Actiance Confidential and Proprietary © 2011, Actiance, Inc. All rights reserved. 2  Enable the New Internet – 4,500+ Web 2.0 apps, Unified Communications, Social Networks  Global operations – USA, EMEA, India, Asia/Pacific  Market Leader – 9 of the top 10 US banks – Top 5 Canadian banks – 3 of the top 5 energy companies  Broadest Partner Ecosystem – Technology alliances

Social Is Booming Confidential and Proprietary © 2011, Actiance, Inc. All rights reserved. 3 Social Networking Social Collaboration Social Publishing Social Feedback

Upside of Social Media Generate buzz and increase visibility Strengthen customer relations Build an additional revenue source Extend your brand Confidential and Proprietary © 2011, Actiance, Inc. All rights reserved. 4

Risks of Using Social Media and Web 2.0 Data Leakage Personal Information Intellectual Property Credit Card, SSN Client Records Incoming Threats Malware, Spyware Viruses, Trojans Inappropriate Content Compliance & eDiscovery SEC, FINRA HIPAA, FISMA SOX, PCI, FSA FRCP- eDiscovery FERC, NERC User Behavior Employee Productivity Bandwidth Explosion Every employee is the face of business Confidential and Proprietary © 2011, Actiance, Inc. All rights reserved.

Web 2.0 & Social Networks Regulation & Compliance SEC and FINRA Obliged to store records and make accessible. Public correspondence requires approval, review and retention. Extended to social media. Gramm-Leach-Bliley Act (GLBA) Protect information, monitor for sensitive content, and ensure not sent over public channels (e.g., Twitter) PCI Ensuring cardholder data is not sent over unsecured channels AND PROVING IT Red Flag Rules Prevent identity theft. Protect IM and Web 2.0 from malware and phishing when users are more likely to drop their guard. FRCP (eDiscovery) and IM are ESI. Posts to social media sites must be preserved if reasonably determined to be discoverable. Sarbanes-Oxley (SOX) Businesses must preserve information relevant to the company reporting. RegulationSocial Network and Web 2.0 Impact Confidential and Proprietary © 2011, Actiance, Inc. All rights reserved.

Real-Life Anecdotes Citibank Deloitte Financial Northshore Bank Online Banking Confidential and Proprietary © 2011, Actiance, Inc. All rights reserved. 7

So who’s using Social Media? And Why?  Sales & Marketing  Promotions  Advertising  Branding  HR  Background checks  Recruiting  Scientists & Researchers  Information exchange  Collaboration  IT  Investigation of security breaches Confidential and Proprietary © 2011, Actiance, Inc. All rights reserved.

Social Networking: Balancing Benefit & Risk Risks & Challenges  Employee productivity – Control who can access what, when, and for how long  Content security – Introduction of malware  Brand and reputation protection – Allow “approved corporate posters” to self-moderate – Moderate posts from unapproved corporate posters  IP/Information Leak Prevention/NDA compliance – Sensitive, confidential term dictionary matching – Stop contract staff accidentally leaking your secrets – Quarantine posts for moderation by a reviewer – Quick deployment, no desktop touch  Compliance with regulation (e.g., FINRA, PCI) – Archive content – Stop credit card number patterns – Control specific content Confidential and Proprietary © 2011, Actiance, Inc. All rights reserved.

Appropriate Controls: The Basics Who needs controls applied?  Users within your organization - HR, Marketing, Sales, IT? How do I apply these controls?  Are there tools available? Where do I get started? Confidential and Proprietary © 2011, Actiance, Inc. All rights reserved. 10

Appropriate Controls: The Specifics Confidential and Proprietary © 2011, Actiance, Inc. All rights reserved. 11 Identity managementEnsure that all the different logins of an individual link back to corporate identity Activity controlPosting of content allowed for marketing but read-only for everyone else Granular application controlEmployees can access Facebook, but not Facebook Chat or Facebook Games Anti-malwareProtect network against hidden phishing or Trojan attacks Data leak preventionProtect organization from employees disclosing sensitive information ModerationMessages posted only upon approval by designated officer Logging and archivingLog all content posted to social networks Export of dataExport stored data to any archive or WORM storage IssueControl Requirements

USG: Enable the ‘New Internet’ URL Filtering Anti-Malware Anti-Virus Unified Policy Management AD Integration, Company/Group/User, Time of Day, Bandwidth Application Control & Security Application Enablement Application Control Engine Reporting Public IM Web 2.0 & Application Control Socialite Web 2.0 Enablement Confidential and Proprietary © 2011, Actiance, Inc. All rights reserved.

USG: Visibility & Control of More Than 4,500 Applications Social Networking914 Instant Messaging255 IPTV76 Remote Admin Tools41 P2P166 VoIP96 Web Conferencing55 Commercial Monitoring Software215 Anonymizer32 Webmail CategoryNumber Example Confidential and Proprietary © 2011, Actiance, Inc. All rights reserved.

SaaS Infrastructure Fully Redundant Architecture End-to-End Failover Fully Redundant and Mirrored Database Extensive Network and Application Monitoring and Alerting Confidential and Proprietary © 2011, Actiance, Inc. All rights reserved.

Questions Jim Hilsenrod