Today, every employer is faced with social media—both its benefits and potentially harmful consequences. As the use of online forums and large social networks continue to grow rapidly, so does the amount of sensitive information online. This information can be utilized to carry out social engineering attacks against your company using a technique referred to as Phishing.
Phishing is an attempt to acquire information such as usernames, passwords, and credit card details in an unauthorized manner by someone acting as a trustworthy entity. Communications appearing to be from popular social web sites, customers, business partners or IT personnel are commonly used to lure the unsuspecting target. The more information that is available about your company, the more threatening these attacks can be.
Phishing is one of the quickest and easiest ways for an attacker to gain access to your sensitive information and systems, even with the most hardened physical security practices in place. Three steps you can take to prepare your organization to defend itself are:
1. Develop a social media policy that precisely defines how social media sites are to be used throughout the company.
2. Create an internal awareness program alerting employees to the potential threat of social media. Support this program with a Security Incident reporting process.
3. Establish strong policies and procedures related to the communication of company information.
4. Block known phishing attempts, by leveraging DNS black holes, proxy server content filtering or even firewalling malicious hosts.
With questions about phishing or the security risks of social media in the workplace, contact Superior Technology Solutions. We look forward to sharing our extensive background in security with your organization. For more information, visit us on the web at www.superiortechnologysolutions.com or call us at 845-735-3555.
Comments are closed.