Security Basics mailing list archives

Re: Allowing access to social networking... securely?


From: Kurt Buff <kurt.buff () gmail com>
Date: Tue, 19 May 2009 16:02:59 -0700

On Thu, May 7, 2009 at 11:14, Daniel I. Didier <ddidier () netsecureia com> wrote:
> I am sure many of us are seeing the shift from the standpoint that
> social networking (SN) is evil and should be blocked, to one that views
> SN as a business tool and full of opportunity.  I believe this is true
> for many organizations.  However, as many of us are aware, SN is full of
> malicious code and techniques to trick users into giving away
> information or attacking their system.  The questions I would like to
> pose to the list are as follows:
>
> What, if anything, should be done above and beyond standard security
> controls to protect against the potential risks of allowing access to
> SN?

Block flash, silverlight and javascript at the firewall. That should
take care of your problems. Heh.

If someone in authority thinks they've got a compelling business case
for allowing one or more sites, set up a PC in a DMZ and allow port
3389 from specific machines on the trusted network to it. Nothing
else.

Kurt
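
The isolated-PC arrangement suggested in the reply above, sketched as firewall rules. This is an added example, not part of the original message: the addresses, the trusted LAN range, the helper names `is_host_ip` and `dmz_kiosk_rules`, and the assumption that the DMZ PC needs only DNS and web access outbound are all constructed for illustration.

```shell
#!/bin/sh
# Prints an iptables-restore FORWARD ruleset for the firewall between the
# trusted LAN, the DMZ PC and the Internet. All addresses are constructed.
TRUSTED_NET=${TRUSTED_NET:-192.168.10.0/24}   # assumed trusted LAN range

# Succeeds only for one dotted-quad IPv4 host address. CIDR ranges are
# refused so "specific machines" cannot quietly become a whole subnet.
is_host_ip() {
    case "$1" in
        ""|*/*|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split into octets (function-local positionals)
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "$octet" -le 255 ] 2>/dev/null || return 1
    done
}

# usage: dmz_kiosk_rules DMZ_PC_IP ADMIN_WORKSTATION_IP...
dmz_kiosk_rules() {
    dmz_host=$1
    is_host_ip "$dmz_host" || { echo "bad DMZ host: $dmz_host" >&2; return 1; }
    shift
    [ "$#" -ge 1 ] || { echo "list at least one workstation" >&2; return 1; }
    for src in "$@"; do
        is_host_ip "$src" || { echo "not a single host: $src" >&2; return 1; }
    done
    echo "*filter"
    echo ":FORWARD DROP [0:0]"        # default deny: the "nothing else"
    echo "-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    for src in "$@"; do               # RDP in, from the named machines only
        echo "-A FORWARD -s $src/32 -d $dmz_host/32 -p tcp --dport 3389 -m conntrack --ctstate NEW -j ACCEPT"
    done
    # The DMZ PC may never open a connection toward the trusted LAN, even
    # on a port the outbound web rules below would otherwise permit.
    echo "-A FORWARD -s $dmz_host/32 -d $TRUSTED_NET -j DROP"
    # Assumption: the DMZ PC only needs DNS and web access outbound.
    echo "-A FORWARD -s $dmz_host/32 -p udp --dport 53 -j ACCEPT"
    echo "-A FORWARD -s $dmz_host/32 -p tcp -m multiport --dports 80,443 -j ACCEPT"
    echo "COMMIT"
}

# Constructed sample: DMZ PC 203.0.113.10, two permitted workstations.
dmz_kiosk_rules 203.0.113.10 192.168.10.21 192.168.10.22
```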


