nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: If you're on LinkedIn, and you use a smart phone...

From: Andre Tomt <andre-nanog () tomt net>
Date: Sun, 27 Oct 2013 00:20:20 +0200
On 26. okt. 2013 08:06, Jimmy Hess wrote:

Perhaps a prudent countermeasure would be to redirect all  POP,  IMAP,  and
Webmail access to your corporate mail server from all of  LinkedIn's  IP
space to a  "Honeypot"   that will simply  log   usernames/credentials
attempted.

The list of valid credentials,  can then be used to  dispatch a warning to
the offender,  and force a password change.

This could be a useful proactive countermeasure against the  UIT
  (Unintentional Insider Threat);  of employees  inappropriately   entering
   corporate  e-mail credentials  into a known  third party service  with
  outside of organizational control.

Seeing as  Linkedin  almost certainly is not providing signed NDAs and
  privacy SLAs;   it seems reasonable that  most organizations who
understand what is going on,  would not approve  of use of the service with
their internal business email accounts.
Depends on linkedin beeing nice, but could this be an idea? In addition to the proposed network level controls of course. At least users could get a informative response rather than just some dumb error / "it doesnt work" if you block Intro. 

http://feedback.intro.linkedin.com/forums/227301-linkedin-intro-feedback/suggestions/4801236-some-way-to-block-intro-per-domain

Votes maybe?
I considered proposing making it opt-in on the domain level, but that wont fly for them I'm sure.
Previous By Date Next
Previous By Thread Next

Current thread: