Top 10 tips improve social networking security

Top 10 tips and best practices to improve social networking security

Top 10 tips to improve social networking security are necessary in order to secure the enterprise’s data and reputation.

  1. Educate employees – Educating employees of best practices can help improve the overall security of the business. Awareness through seminars, workshops, and other programs help educate how attackers use social media to target a brand via individual employees.
  2. Have employees use different passwords for different system – Encourage users to have multiple unique passwords. This can be support by implementing a cloud based password management system.
  3. Mandate strong passwords – Make it a requirement to have unique strong passwords.
  4. Have employees change passwords regularly – One every three or four months communicate with employees to tell them it is time to change their passwords.
  5. Do not share accounts – For social accounts that represent the enterprise only have one user per each and the linking e-mail account should be one that is in the enterprise domain and will remain with the enterprise in case the employee leaves or is teminated
  6. Implement two factor authentication – Many of the larger social networks provide two-factor authentication, commonly in the form of a code sent to their smartphone or email each time a new device or browser attempts to login to the account.
  7. Educate employees to NOT open email attachments or go to links where the originator is not known – Stress the practices of carefully reviewing URL links before clicking to make sure the company and site name are spelled correctly. Cybercriminals will often blast out links that are very similar to a real address adding, subtracting or rewording parts to differentiate them.
  8. Utilize antivirus and security software – . No matter how careful a user is, there’s always the risk of accidentally engaging with a malicious link – and just one unfortunate click can lead to months of recovery time.
  9. Don’t friend people you do not know – Companies should encourage employees to thoroughly vet a friend request before hitting “accept”. They should check to see if other colleagues are also connected to the account. If the account seems suspicious or you don’t know the individual, ignore or report the user, and refrain from clicking on any links they may have sent.
  10. Validate and verify – just because it is on the Internet does not make it true.

Top 10 tips improve social networking security

Top 10 tips and best practices to improve social networking security

Top 10 tips improve social networking security – These best practices will improve social networking security and protect the enterprise’s social networking reputation.

  1. Educate employees – Educating employees of best practices can help improve the overall security of the business. Awareness through seminars, workshops, and other programs help educate how attackers use social media to target a brand via individual employees.
  2. Have employees use different passwords for different system – Encourage users to have multiple unique passwords. This can be support by implementing a cloud based password management system.
  3. Mandate strong passwords – Make it a requirement to have unique strong passwords.
  4. Have employees change passwords regularly – One every three or four months communicate with employees to tell them it is time to change their passwords.
  5. Do not share accounts – For social accounts that represent the enterprise only have one user per each and the linking e-mail account should be one that is in the enterprise domain and will remain with the enterprise in case the employee leaves or is terminated
  6. Implement two factor authentication – Many of the larger social networks provide two-factor authentication, commonly in the form of a code sent to their smartphone or email each time a new device or browser attempts to login to the account.
  7. Educate employees to NOT open email attachments or go to links where the originator is not known – Stress the practices of carefully reviewing URL links before clicking to make sure the company and site name are spelled correctly. Cybercriminals will often blast out links that are very similar to a real address adding, subtracting or rewording parts to differentiate them.
  8. Utilize antivirus and security software – . No matter how careful a user is, there’s always the risk of accidentally engaging with a malicious link – and just one unfortunate click can lead to months of recovery time.
  9. Don’t friend people you do not know – Companies should encourage employees to thoroughly vet a friend request before hitting “accept”. They should check to see if other colleagues are also connected to the account. If the account seems suspicious or you don’t know the individual, ignore or report the user, and refrain from clicking on any links they may have sent.
  10. Validate and verify – just because it is on the Internet does not make it true.

Order Policy Download Selected Pages

Mobile device FCC regulations for 2015 help the mobile user

Mobile Device FCC regulations for 2015 help the user

Mobile Device Access and Use Policy

Mobile device policy including the latest tables and smartphones and FTC guidelines

Order Mobile Device Access Use PolicySample Mobile Device Policy

1. Carriers can’t throttle ‘unlimited” data plans

The FTC made it clear this week in a statement that it will now consider throttling of “unlimited” plans a clear-cut case of false advertising. Both throttled plans and unlimited plans will still be legal. But they can no longer be the same plans.

2. Carriers can’t sell you slow data connectivity as ‘broadband’

The Federal Communications Commission on Thursday unceremoniously redefined what “broadband” means. The previous definition of “broadband” was a meager 4Mbps for downloads and 1Mbps for uploads. That standard was set four years ago.

The new minimums are 25Mbps for downloads and upload speeds of at least of 3Mbps.

As with cases that involve throttling of “unlimited” plans, this is a marketing matter. Providers can sell connectivity at any speed they want, but they can’t advertise it as “broadband” unless it meets the new criteria.

The fact even that 25Mbps is legally considered “broadband” hints at the pathetically low standards that data providers are held to in the U.S. Still, it’s a lot better than nothing.

3. Hotels can’t block your personal Wi-Fi hotspots

Long story short: Some hotels and other businesses, and most famously Marriott hotels, wanted to force hotel guests to pay up for a separate Wi-Fi connection for every device used in the hotel.

FCC Commissioner Jessica Rosenworcel and FCC Chairman Tom Wheeler both said in no uncertain terms that such blocking should not be allowed. Further, Rosenworcel said that even more unlicensed spectrum should be opened up for personal use.

4. You don’t have to die needlessly because emergency personnel can’t locate you indoors.

When you’re in a crisis situation — one that involves, say, a medical emergency or criminal activity — a 911 call enables first responders to use your smartphone’s GPS to find out where you are with some degree of accuracy — as long as you’re outside. They do this through your carrier, and it’s information that carriers are required to provide.

This week, the FCC approved new rules that require carriers to, within two years, start using technology that’s able to provide the location of a 911 caller within 50 meters in at least 40% of cases.

5. You don’t have to tolerate slow airplane Wi-Fi anymore.

Gogo, which provides Wi-Fi service on airplanes, recently got approval from the FCC for a new service called 2Ku to be installed on 1,000 aircraft. The new service is satellite-based and several times faster than most airplane Wi-Fi systems — up to 70Mbps.

6. The entertainment industry can’t use emergency alerts in movie promotions

The FCC recently fined Viacom and ESPN $1.4 million for using official emergency alert tones in a promotion for a movie called Olympus Has Fallen. The warning sound was part of the movie, but people who heard it might have thought there was a real emergency.

In levying the fine, the FCC made it clear that, well, you just can’t do that.

7. It now is easier to file a complaint

The FCC this month launched a new website where consumers can complain about their cable, broadband and wireless service providers.

The new site replaces an old one that was plagued with antiquated design that made filing a complaint difficult.

Mobile data traffic is poised to explode

Janco Associates predicts a tidal wave and explosion  of mobile data traffic. There will be more mobile users, nearly 5 billion by 2018 (up from 4.1 billion in 2013) and more than 10 billion mobile-ready devices, including machine-to-machine connections by then (up from 7 billion in 2013).  Mobile video will account for 69% of all mobile data by 2018, up from about 53% in 2013.

Mobile data is expected to grow by 11 times in the next four years, reaching 18 exabytes per month by 2018. An exabyte is 1 billion gigabytes.

Mobile data traffic is expected to grow by 61% annually into 2018, with the extra traffic from just one year — 2017 — expected to be triple the entire mobile Internet in 2013.

Cisco forecasts that average global network speeds will almost double from 1.4Mbps in 2013 to 2.5Mbps by 2018. Speeds will be higher in the U.S. where LTE often gives users more than 1Mbps for downloads. Cisco added wearables to its annual study of mobile traffic for the first time this year. In all, there were 21.7 million wearable devices in use globally in 2013, a number expected to reach 176.9 million by 2018, Cisco said.

Most of this wearable device traffic will continue to be channeled through smartphones, using the smartphone as a hub, The amount going through smartphones is now about 99%, and will drop to 87% by 2018.

Cisco conducted a test using Google Glass to look at the traffic it generated. Over 16 days, the total data moved wirelessly via cellular or Wi-Fi was 263MB, with 101MB moved from the Google Play, about 29MB from Google Play Music and 28MB from YouTube. MyGlass took 24MB, while Maps took 17MB.

The demands for a device like Google Glass might not be all that dramatic in terms of total data traffic imposed on a wireless network, but there will be general demands on connections from each app or service and how well a network will be able to handle those the demands at once, even to a single user.

IT Infrastructure PoliciesInfrastructure Policy Sample

10 best practices to improve the value of your blog

Blog Best Practices to Improve the Value of Your Blog

Blog 10 Best PracticesBlogs can consume a lot of your time.  In order to maximize this effort here are some best practices that you can follow to increase the number of readers of the blog and improve its overall quality.

Order Blog PolicySample Blog Policy
  • Post comments on schedule and when events occur that are of interest to your readers.  At the same time do not over-post as that will cause you to lose readers because of “blog fatigue”
  • Think of creative titles for blog posts to attract readers and to get them hooked on the blog.  Blog readers generally pay attention to the title and the first two paragraphs of any given post, and then decide whether to read the rest. This means your title, and your first two paragraphs are your chance to entice them to read the rest of the post. Examples of some are:
    • Little known factors that could affect your __________
    • 10 shortcuts for __________
    • Secrets of ___________
  • Have multiple authors on a company blog and have them include contact information to convert blog readers to customers.
  • Be casual and not overbearing.  At the same time it should not be a marketing brochure.  Most blog readers don’t generally respond to tot that well. They want to know that they’re talking to a human being much like themselves, who happens to know a bit more about the subject than they do, or who shares their views on the subject. Try to write in a tone that’s natural, casual, and almost conversational
  • Provide a way for blog readers to engage with you via comments or other social media sites like Twitter and Facebook.
  • Provide back links in the blog to other blogs and web sites for related products.  If this is a company blog focus on industry or customer sites – not competitors.
  • Keep track of what others are saying about your blog, company and related topics.  A good discussion can get started that helps to improve the reputation and value of the blog
  • Utilize tools for SEO (Search Engine Optimization).  It does you little good to have a blog that no one can find.
  • Promote you blog in social media.  In the case of a company blog have tweets and Facebook postings that link back to your blog.
  • Create an RSS feed based on your blog and use that as one of the promotion tools for your blog marketing campaign.
Order Blog PolicySample Blog Policy

10 Steps to Prevent Being Scammed by Social Media

10 steps to Preventing Social Media Scam

Social Media ScamWith more companies moving to marketing via social media there now is a greater possibility that social media scam will impact and compromise your company.  Here are 10 steps that Janco Associates has found that can minimize that risk.

  1. Implement a social networking policy for all individuals and devices that can impact the company’s infrastructure
  2. Social engineering awareness training must be done constantly, not the typical annual training program.
  3. If it sounds like it is too good to be true the odds are it is a scam
  4. Look to the outside to be aware of scams that others are facing
  5. Question suspicious behavior and communications.
  6. Report suspicious behavior and communications to the IT and HR management instead of shared on social networks.
  7. Work devices should not be used for personal activities.
  8. Access to various types of data should be protected with separate and strong passwords.
  9. The network should be segmented to guard against scammers infiltrating a network segment simply because an employee with access to another segment was compromised.
  10. Learn from past mistakes of others. Reverse engineer this same scenario in your own company to see if the scam could happen in your organization.
Order PolicySample policy

CIO challenge – how to manage the social media risks

CIO challenge – how to manage the social media risks

CIOs are faced with new social media risks.  Analysts are predicting that by 2016 as many as 40 percent of all organizations will utilize social media as a customer service channel. With that in mind CIOs need to be aware that their  organization’s reputation can quickly be damaged through the instant spread of bad news or a negative incident via social media.

Social Networking PolicyIt only takes one disgruntled customer to take to Twitter, You Tube or Facebook and the results can be costly. Even worse, damage can be done by a disgruntled employee with access to corporate social media accounts and a determination to discredit the company.

The issue faced by enterprises of all sizes is ensuring that the right message is being communicated in a consistent manner.  The first step in achieving this objective is to have a uniform social network policy.

Backup Policy & Backup Retention

The Social Networking Policy Template is the right tool for this task. With it you can successfully manage and control your employees’ activity that are related to your enterprise.

Risk management rules apply

Traditional risk assessment rules apply to managing social media – identify, record and mitigate risk. So, while there is no doubt that social media will continue to be a risk, by implementing sound processes and procedures supported by an enterprise control platform risk managers should still be able to sleep soundly at night.

The processes to follow are:

Identify Risk

The first step is to identify potential risks, in the case of social media these include:

  • Employees sharing confidential information;
  • Loss of control or ownership of the organization’s social media accounts;
  • Careless posting by employees: accidental or deliberate;
  • Employees defaming their employer on personal profiles;
  • Failing to respond to negative posts or responding in an inappropriate manner;
  • Failing to listen to the social web or the right conversations;
  • Not sharing best practice;
  • Being unaware of who is listening to which conversations and responding on behalf of the organization.

A lack of attention to detail in terms of knowing how usernames and passwords are being shared means that in the event of something going wrong no-one is accountable or traceable for posting the offending content. The lack of an audit trail makes it difficult to identify who and why a damaging internal post has appeared. Likewise, is it clear who is responsible for replying to external negative comments and in what tone? Adding fuel to the flames can make matters worse but if the source of that fuel cannot be identified steps to call a halt and correct the situation will take precious time.

Document and manage

Document and manage potential social media risks in order to implement a control platform that works seamlessly across the entire organization.

Step three: mitigation

Mitigation is the third step when it comes to the control of social media risk. In the event of the worst happening social media channels should be kept open and readers kept informed as to what is being done to remedy the situation. Openness and clarity are essential. In the event of the crisis having been created internally, audit trails and validation will soon identify the source and allow the necessary actions to be taken. If the crisis was as a result of an external source, the right people required to respond will be alerted and the appropriate reaction documented.

10 best practices in managing social networks and relationships

10 Best Practices in Managing Social Networks and Social Relationship

Social networks provide an opportunity to communicate electronically with both personal and business associates.  Done properly they are a great new way to stay in touch or market.Social Networks

  1. Create relationships to connect in a consistent manner
  2. Minimize low value communications
  3. Group relationships to make it easier to track relationships
  4. Utilize multiple social networks to segregate relationships – utilize the right network for the relationship
  5. Ensure you have proper groupings
  6. Establish metrics to use in following relationships
  7. Assess the impact of a change before you make it
  8. Document changes
  9. Keep communication flowing via Email
  10. Validate relationships are working both ways

Order PolicySample Policy

%d bloggers like this: