- Category: January 2011
The explosive use of Twitter has many enterprises responding in one of two ways; blindly blocking, which may result in lost productivity and business opportunities or blindly allowing, which can expose the business to unnecessary business and security risks.
Next-generation firewalls allow enterprises to take a very systematic approach to enabling the secure use of Twitter by determining usage patterns, as well as establishing and enforcing corporate policies that enable the business objectives in a secure manner.
- Identify Who is Using Twitter: The first step in safely enabling the use of Twitter is to identify which employees are reading Twitter (reading Tweets) and which are posting to Twitter (Tweeting). Palo Alto Networks identifies Twitter at the service level, which means that even if a desktop client such as TweetDeck, Twhirl or Twitterfeed is in use, the Twitter traffic is identified.
- Define and Enforce Appropriate Usage Policies: After determining who is reading Tweets and who is Tweeting, (via integration with Active Directory, LDAP, eDirectory), administrators can apply appropriate usage policies that support the organization’s goals and objectives. The ability to delineate between Twitter use overall and Tweeting (Twitter posting), means that user-based policies for reading vs. posting can be deployed as a means of enabling the business, allowing some personal use (where appropriate), while protecting the enterprise from security or business risks. The policy control options go beyond the traditional allow or deny:
- Allow or deny
- Allow but scan
- Allow based on schedule
- Decrypt and inspect
- Allow and apply traffic shaping
- Allow for certain users or groups
- Protect the Network From Attacks Propagated Across Twitter: The increased use in social networking applications such as Twitter combined with their relentless barrage of messages have created a very fertile environment for cyber criminals. Studies show that social media sites are 10 times more effective at delivering malware than previous methods of e-mail delivery. The reasons are obvious - users trust each other implicitly and it is easy to entice a user to “click here” by including a reference to an article, or an image via a URL. In the case of Twitter, URLs are shortened to maximize the 140 character limit and as such, it is now even easier to propagate malware because the URL is shortened and indecipherable. Once the Twitter usage policy has been created, an equally detailed threat prevention policy can be enabled to detect and block a wide range of threats including spyware, Trojans, viruses, and application vulnerabilities.
- Monitor Twitter Traffic for Unauthorized Posting: As part of the balancing act between personal and professional use, enterprises must also evaluate how best to implement policies that are designed to limit unauthorized posting of confidential information. With data filtering capabilities, administrators can apply policies to detect the posting of confidential data patterns such as project code names, executive names, or e-mails with varied response options dependent on policy.
With the recommended approach presented here, IT departments can achieve the best of both worlds by enabling usage while protecting users and the company from a wide range of business and security risks.
By Eric Chong, Regional Marketing Director of Palo Alto Networks, Asia Pacific