Security Basics mailing list archives
Re: Allowing access to social networking... securely?
From: krymson () gmail com
Date: Fri, 22 May 2009 07:24:36 -0600
It's absolutely ok to disagree! :) That's why security has few slam dunk answers, because so much of it has good points on either side. I agree, there are few *really* sound business uses of many of these sites, but there are plenty of groups that will talk about it at least enough to want to try it out. Also, let's face it, email is broken (to IT) and boring (to marketing and business). I think there is a lot of interest in trying some of the new mediums. My example of hosting videos wasn't framed at all properly, and that's my fault. I meant hosting videos for clients that are not internal, which means a front end much akin to YouTube. That's a pretty big investment when the technology is already there and maintained by someone else. But otherwise internally, you're absolutely right! Likewise, I apologize about disagreeing, but I do so respectfully. :) <- snip -> Michael S Sure you make good points. But none of them are business needs to justify going to SN sites. I understand about the treatment of employees, and what not. But that's not a business need to go to FB, so someone can 'blow off steam'. I guess my example of 'i hate my boss' wasn't so great, but that was my point. It's just random personal blather. I understand the ability for communications and what not that FB and other SN site offer, but do companies need to have that for internal users when all that already exists in their infrastructure??? Krymson Why would we have a group on FB to let employees know about an event, or send out a tweet, when we have 100's of distribution lists in exchange? Why would we send internal users out to the web to view a video on someone else's site, when we have a server farm and a san? Now if you're talking about a small company that may farm those services out because they don't have the infrastructure, then sure maybe. Our HR dept has mandated that FB, Myspace, and similar sites be blocked. We do have exceptions to this, for certain personnel (IE marketing dept) who have an actual business need to communicate with outside users through unique channels. Myself, I love FB and use the heck out of it. But in all the time i've been on there, I cannot think of one single reason why I "need" it at work. I don't think it's a matter of letting adults make their own decisions. What if that decision lets in the next big worm? Even if it was accident, was it worth it so that your users could diddle around a little bit during the day? Our jobs in security require us to evaluate risk vs benefit. To me SN loses. Sorry to disagree. ------------------------------------------------------------------------ This list is sponsored by: InfoSec Institute Need to pass the CISSP? InfoSec Institute's CISSP Boot Camp in both Instructor-Led and Online formats is the most concentrated exam prep available. Comprehensive course materials and an expert instructor means you pass the exam. Gain a laser like insight into what is covered on the exam, with zero fluff! http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html ------------------------------------------------------------------------
Current thread:
- Re: Glassfish Apache and Tomcat All attONCE ?, (continued)
- Re: Glassfish Apache and Tomcat All attONCE ? Carsten Heesch (May 19)
- Re: Re: Allowing access to social networking... securely? chmod1777 (May 19)
- Re: Allowing access to social networking... securely? Michael Schaefer (May 20)
- RE: Allowing access to social networking... securely? Ian Bradshaw (May 20)
- Re: Allowing access to social networking... securely? Michael Schaefer (May 20)
- Re: Allowing access to social networking... securely? krymson (May 20)
- Re: Allowing access to social networking... securely? krymson (May 20)
- RE: Allowing access to social networking... securely? Robin Smith (FaceTime) (May 21)
- Re: Re: Allowing access to social networking... securely? chmod1777 (May 21)
- Re: Re: Re: Allowing access to social networking... securely? lmaia (May 21)
- RE: Re: Re: Allowing access to social networking... securely? Ian Bradshaw (May 22)
- Re: Allowing access to social networking... securely? krymson (May 22)
- Re: Allowing access to social networking... securely? krymson (May 22)
- Re: Allowing access to social networking... securely? Patrick J Kobly (May 22)
- Re: Re: Allowing access to social networking... securely? no (May 22)
- Re: Allowing access to social networking... securely? Patrick J Kobly (May 25)
- Re: Re: Allowing access to social networking... securely? Stephen Mullins (May 26)