FaceTime Communications Inc. has toughened its gateway controls over three of the most popular social media sites that employees sometimes use ways that endanger organizations.
The company’s Unified Security Gateway 4.0 now offers managers the ability to have power over how users leverage Facebook, Twitter and Linkedin by an optional software social networking control module.
“It’s not just Facebook that’s growing phenomenally, but the way we use social networks,” explained Sarah Carter, FaceTime’s vice-president of marketing.
Some social media uses can be advantageous, giving organizations a better chance at hiring extraordinary people or finding sales links. However, these sites can also be a source of inaccurate – or accurate – company leaks enterprises may want plugged.
For example, Carter said, a pharmaceuticals company saw its stock drop after an employee widely broadcast a message on Twitter about a negative product report he thought was only going to friends. In another instance, an intern managing a British home furnishings’ Twitter account set of a minor crisis by linking it to news of war in Iraq by misusing a hash tag, while a group of researchers that used a Facebook page instead of collaboration software found a competitor was an apt reader because they didn’t know how to manage security.
“For most of the customers we deal with its inadvertent data leakage they’re concerned about more than deliberate leakage,” Carter said.
FaceTime’s Unified Security Gateway 3.0 had some social network application controls, but they weren’t granular, Carter said. Organizations asked the company to include the kind of controls the gateway offers for unified communications and instant messaging apps.
They get it in the social networking control module for USG 4.0 with features that apply only to Facebook, Linkedin and Twitter. One capability is a lexicon library that includes prohibited words and phrases. In addition, managers can limit which employees are allowed to post to these three sites from the enterprise and what sections they can post to. Another feature is identity control that can tie in login names back to a corporate identity for corporate security reports. To ensure those posting keep their tempers, the module offers the ability for organizations to appoint moderator to approval all posts. The moderator can see the context of a message (such as previous messages in a thread). Finally, communications to the three sites can now be archived for regulatory requirements.
An industry analyst said was impressed by the level of significant control the module offers. “This is the first time I’ve seen that depth,” said John Kindervag, a senior analyst at Forrester Research. “Different people [vendors] are saying they can control social networking [sites]. The depth of control in the demo that I saw was pretty dark deep and quite frankly frightening, in as much as it reveals the amount of data is gathered by these sites.”
It could be easier for organizations to flatly deny employee use of social networking sites, but Kindervag notes a number of companies need them for weeding out job applicants. At the same time younger employees are comfortable using such sites.
FaceTime sells the Unified Security Gateway as a hardware or software-only appliance that includes an application control module that governs 4,000 apps. Anti-virus, anti-malware, URL filtering, instant messaging, unified communications and Web 2.0 monitoring modules are extra priced options. The social networking control module costs US$4,800 for 100 users on the virtual appliance and US$8,400 for 100 users on the hardware version.
