Businesses Struggle To Control Social Networking
Lucas123 writes "Businesses in highly regulated industries are trying to strike a balance between workers who use social networking sites such as Twitter, Facebook, and LinkedIn to communicate, and trying to satisfy federal requirements to monitor, capture, and audit all forms of electronic communications. As with instant messaging a decade ago, corporations are first blocking all access to the applications, and then considering what tools may be available to control them in the future. A cottage industry is being built around software that can not only control access to social networking websites but also ensure conversations over those websites can be stored for electronic discovery purposes."
I just got a first post on company time...
Aren't these people supposed to be, you know, working?
'Loose' is when your pants are three sizes too big. 'Lose' is when you misuse 'loose'.
It was on my friend's Facebook wall.
"I'm just here to regulate funkiness."
From TFA:
Seriously. What idiot wants his financial transactions posted on FaceBook?
I mean there are enough almost trivial ways to hide information in pretty much any channel when the 2 parties get to meet up beforehand to agree a protocol.
I'd almost ask why they even try.
"hi, mike, what time's the meeting today" or "Morning, how're the kids" can carry enough information to let someone game the system.
Social networking just adds a few bands.
Actually, that reminds me... I have paperwork I should be doing.
Good old personal responsibility... sigh.
Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
Hm. I wonder if we perhaps need to rethink the difference between communication and documentation. The current rule seems to be that in regulated industries, any electronic document is subject to documentation/retention requirements. However this comes from an old model, where documents were somehow "official". So things like face-to-face conversations, or telephone calls, were not required to be recorded and archived. But anything written on paper was supposed to be archived to create a paper-trail, and because these were the "official documents".
In a modern world, some electronic documents (PDFs, word processor documents, emails, etc.) have taken the place of "official paper documents", and other electronic communications (instant messaging, social networking sites, etc.) have taken the place of the less-formal communication modes. (Obviously phones and face-to-face conversations still exist, also.)
On the one hand, it seems like the more documentation we can retain in regulated industries, the better off we are. (In case of negligence or malfeasance, it makes it possible to assign blame, bring people to justice, avoid repeating mistakes, etc.) On the other hand, as long as we are allowing some communication modes to be informal or undocumented, then allowing other modes that are also undocumented doesn't seem to change much. (People who want to have secret conversations will surely find a way to do it.)
I'm not sure what the right answer is. But I'm not convinced that making all electronic modes of communication subject to the same level of recording/documentation/archiving really makes sense.
Stockbrokers with smartphones. Ain't going to stop 'em.
To paraphrase Princess Leia, The more you tighten your grip, the more slips thru your fingers.
Where I work (the stuff I do when not commenting on Slashdot), they're in the process of trying to harness LinkedIn to increase sales, however, a lot of people have difficulty with the concept. The old model consisted of cold calls and "walking the streets". The new hustle is e-mails and add me as your friend.
Trying to teach a fifty year old salesman what his granddaughter does with ease is almost baffling.
Management pondered with the concept of controlling everything but I recommended harnessing it rather than controlling it - it is the only way.
You poor, deluded fool.
One day you'll wake up and see how different the real world is from this fantasy world you live in. Business owns your ass, and government owns your ass. In exchange you are allowed a mediocre existence and a placebo called a "vote".
Seven puppies were harmed during the making of this post.
Websense can suck it.
I want to delete my account but Slashdot doesn't allow it.
The problem with that is that you're only scamming the people who have already "friended" you.
And your scam has to be visible to them. So if they "friend" anyone who asks, your message will probably be lost in the regular flood of messages.
I think this article is just badly written.
I'd be happy just to have internet access where I work. Also if we get caught with cell phones in our building, we're fired on the spot.
The reason for the documentation (and control that such requires) is to keep the company on the right side of the law.
Being able to show the EXACT communication that took place can save a lot of money in fines.
The DoD has been struggling with these same issues as well; they recently issued guidance that opened up social media on their networks.
http://socialmedia.defense.gov/index.php/2010/02/26/dod-official-policy-on-newsocial-media/
If you think you're special because you can do that to get around a block then you are confused. If you can use this sort of workaround then your admins are either idiots or don't actually want to stop you, they just want you to go out of your way enough that it's obvious you were breaking the rules.
Either way, you aren't special.
Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
Trying to teach a fifty year old salesman what his granddaughter does with ease is almost baffling.
I'm fifty years old you insensitive clod. But I'm a software developer, not a sales drone.
I'm sure there are some 50 year olds out there with grandchildren. I'm not one of them. Yes, I'm sure.
I had a laugh the other day when I told my daughter (recent uni. grad), and her friends who she was skyping with, about snakes, baby chicks, and chatroulette.
Go figure.
Business doesn't own me.
One business has negotiated to pay a fee for a portion of my time, from which it makes a small profit and I make a large one.
The rest of businesses are my bitches. Even the cable company, which for now provides only my 30-mbps internet connection but soon won't even do that, since fiber is coming to my 'hood.
And my vote is used wisely, not thrown away as no doubt yours is. I interact with the political animals in my purview, and ensure they nod their heads when they are listening to what I say. I don't sit back, throw up my hands, and consider myself unimportant.
Then they would own me.
. . .and blocks Facebook, MySpace, the entire .blogspot.com domain, and YouTube. Wordpress.com is not blocked. Flickr used to be available, but they started blocking that a year and a half ago.
http://www.computerworld.com/s/article/print/9176439/Social_networking_boosts_legal_regulatory_compliance_headaches?taxonomyName=Financial+Services&taxonomyId=130
Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).
20 degree tangent here, but speaking of gaming the system, some marketers are wheeling out the line "Hi, I have $Boss 's cell number but I just don't have it with me. Can you give it to me?" They're trying to game the "OMG you blocked a call to $Boss" pressure.
However, I drill back the reply "Great, so you can look his number up in your records and call him on his cell. Have a nice day."
My first Journal Entry ever, in 8 years! http://slashdot.org/journal/365947/aphelion-scifi-fantasy-horror-poetry-webzine
Only Marketing/PR has access to Facebook and Twitter. Even our public wireless access points don't have it. What's funny is that every once in a while they have a drawing or promotion to get employees to follow or friend the company's accounts. The links to the Facebook and Twitter accounts are on the default home page for all the internal browsers.
"He's lost in a 'floyd hole"
I've been getting the same thing but "oops, I misdialed your extension instead of $whomever. Could you just transfer me?"
Considering my extension is the same digit 3 times, I can't see how they possibly misdialed.
Oh, please tell me that it involved feeding one of those animals to the other and thus horrifying chatroulette users in a way that won't put you on an offender list.
social network controls bustiness.
Back in 2004/2005 when I was working on Linux-based clusters for a company, I got to wondering if this could be done with Win-based PCs - my curiosity came from the fact that I could easily do this with individual Linux nodes when they went bad due to hardware failure, or whatever other reason for the failure.
So I went searching to see if it was possible. Turns out it was indeed possible. Know where I found the information? A search on Microsoft's very own Technet.
And yeah, it can be found in several different training materials too.
That was just me and my own little non-Microsoft oriented curious mind. I knew where to look first, though. It wasn't Slashdot.
Again, I'm answering to the exaggeration in your original post. If you are relying on Slashdot to "save the place you work", you're in the wrong line of work.
marketing there are a lot of people on Facebook that they can sell to.
All these great tools are coming out that control this. Maybe companies should allow but monitor for keywords for their company name...so you can post, but you can use words that reference your company.
What with the library of congress archiving every twit and facebook allowing private data access to 3rd party companies, it seems like data retention is already being done for you.
He might not be special, but there's really no way to prevent tunneling short of blocking all potential addresses and protocols, which is pretty much all of them in either case. So there's really no way. Hell, I've used www-over-email. Is that an administrative oversight too?
https://www.eff.org/https-everywhere
FaceBook Enterprise Edition
Twitter Pro
Slashdot Corp Subscription
A service where your company opens an account with the social networking site, you submit the IP addresses of your DNS servers, or reconfigure your proxy to point to their 'corporate access IP'.
All Employees accessing the site through the enterprise intranet get a special version of the site that archives exactly all activities that are performed from the enterprise.
A flag controls what type of access they have to the medium at work. For example, you may have a policy that they can only communicate with their coworkers, customers, professional contacts, etc, from the office.
Their tweets may be restricted visibility until the end of the day. Or they might be permanently visible to only the Enterprise twitter users.
Surely, the obvious difference between your two posts, in my view as a third party...is that you knew what you were looking for. The OP sounds like he happened upon a comment that showed him a completely new way of doing things, that he wouldn't otherwise have considered. *I* wouldn't have known about silent windows installs or slipstreaming etc. had I not seen it on Slashdot. Though, admittedly, my workday isn't spent re-installing/re-imaging Windows machines.
There are a couple of examples, though my memory fails me now as to the specifics, where I saw something interesting in the comments of /. that wasn't immediately relevant, but weeks, months, years later, when confronted with the same problem, I remembered where I'd seen useful information and added site:slashdot.org to Google. Thinking about it, one example would probably have been in one of the "command line tricks" stories. Likewise with book reviews... the review on Slashdot is usually pretty crappy, but there's normally about 50 comments recommending alternatives, or expanding on the review.
GP may not be saving the company he works for a million dollars a year but his example, of cutting down from the time taken by a fully attended install of windows to a fire-and-forget slipstreamed, silent install could feasibly represent a net benefit to his company from him reading Slashdot...
Meh, when done right, it just looks like a long ssl and/or vpn tunnel session.
You really cannot do much to filter/firewall this sort of bypass for the technical user. Unless you allow whitelist-only access to https/ssl sites and/or force corporate-only machine access with corporate-installed SSL CAs that decrypt SSL traffic and re-encrypt it (putting the corporate proxy as a man-in-the-middle) you have no way to stop this.
The real trick is blocking all "leaking" dns and apps. Socks leaks badly, as does flash, java and many other plugins. Just firewalling all outbound traffic except your tunnel works, but will require a dedicated machine.
http to a remote proxy over openvpn (ssl) is a bit more efficient than socks over ssh and clearly better than socks over ssh over ssl.
That's just a statement that the DoD unclassified Internet won't block social networking sites. Anybody on there can already send email, etc., so it's not really a security issue.
Interestingly, DoD has a policy that all email with attachments on the unclassified net must be digitally signed by the sender. This doesn't guarantee that the attachments don't contain hostile code, but it makes it easy to track where the hostile code came from. DoD already has a large-scale public key infrastructure, and they have ID info for everybody who's authorized to send, so this wasn't hard to implement.
tell you? Or don't tell you?
Yes, it involves the threat of feeding the chick to the snake.
No, I don't know this from firsthand experience.
It is alleged to be an effective tactic.
I hope I don't need to explain any more than I already have.
I’m a consultant working with Palo Alto Networks; they have an excellent whitepaper on the subject of blocking social networking apps that you may have to worry about, “To Block or Not. Is that the question?” here: http://bit.ly/d2NZRp. It has lots of insightful and useful information about identifying and controlling Enterprise 2.0 apps (Facebook, Twitter, Skype, etc.) Let me know what you think! kelly@briefworld.com