FB Business Records

Facebook Records

Update:   I have published fresh ideas on how to record Facebook messages when employees use them for official company or government business.  Social networks are becoming a more commonly-accepted tool of commerce.

They are also the source of many records needed for lawsuits, investigations and conflict resolution.  http://www.google.com/sidewiki/entry/benwright214/id/lr8I0ChURBgd6x6HWKssukeRgWo

–Ben

Forbid Twitter at Work?

Selective Internet Blocking as Employment Policy and Warning

Twitter can be a distraction in the workplace.  Oprah, who boasts almost a million followers on Twitter, caused mob scenes at KFC stores by tweeting about a free chicken coupon download-able from her web site.  News spread as other Twitter authors repeated the message.

To be sure:  much of the Twitter traffic and downloading attending to this stampede happened in the workplace, on office computers.  What a waste of employee time.  What a tax on business computers.  What a threat to security.

As Twitter, Facebook, Myspace and other social media swarm the workplace, they’re almost impossible to block entirely.  The channels of communication (web pages, widgets, instant message and more) are too numerous.

Update:  A large percentage (24%!) of all Twitter Tweets are generated by robots (“bots”), not individual people, which suggests Twitter contains a lot of junk and spam.

So should management surrender control of company networks? No.

Selective blocking is a strategy.  Selective blocking can remind employees that they are expected to be responsible adults.  For example, here is a screen that Cyberpatrol could produce when employees visit web sites like Twitter or Facebook:screenshot

(Note: I created the custom message to employees by editing the html in one of the blocking screens available in Cyberpatrol. )

A screen like this cautions employees that social networking at work is a bad idea.  Will it stamp out wasteful e-chat in all of its forms?  No.  But it does respectfully display management’s concern and authority.  It reinforces an employee acceptable use policy.  And it hints that management may be able to monitor what an employee is doing on company computers.

–Ben Wright

At the SANS Institute Mr. Wright teaches IT administrators how to avoid going to jail.

Digital Evidence of Pornography in Hostile Workplace Lawsuits

Internet Files Can Corroborate Sexual Harassment Claims

A new privacy feature in Microsoft’s Internet Explorer 8 may foster more viewing of pornography in the workplace.  It should heighten the incentive for employers to actively block Web porn sites.

Internet Explorer is the most popular web browser.  Forthcoming version 8 includes a so-called InPrivate mode, where browsing history is not retained and temporary Internet files are deleted upon completion of the browser session.  With the advent of InPrivate mode, some employees may be lulled into a false sense of seclusion at their desks and may succumb to temptation to peek at porn.

Legally speaking, pornography is very dangerous in the workplace, as it can be evidence of a hostile work environment.  Although InPrivate mode may make access to that evidence – in the form of retained files on a PC hard drive — more difficult, the digital evidence may still be recoverable.  Forensics experts have demonstrated that they can (with effort) still reconstruct browsing history when InPrivate mode is engaged.

Further, evidence of World Wide Web pornography on the job need not come just from digital records.  It can come from, say, Employee #1 testifying that he/she witnessed pornography on the monitor of Employee #2.

Some observers are recommending that employers to disable InPrivate mode.  But disabling is difficult, and it addresses the problem only indirectly.  The more direct and complete approach is to use software to block access to adult sites.

–Ben Wright

At the SANS Institute, Mr. Wright teaches IT administrators how to stay out of jail.

Youtube and Facebook: Workplace Morale and Internet Addiction

Should Management Monitor Employee World Wide Web Surfing?

Should an employer tolerate computer social networking on the job, or prohibit it? An Australian study suggests office workers are generally more productive if they relax every so often online, by reading news, shopping or chatting with friends on Bebo, Hi5, AIM, FriendFeed or Yahoo Messenger.  The study’s author, Dr. Brent Coker, argues that often employer blocking of web sites like Youtube or Amazon is counterproductive.  Employees need a break, he says.

But beware Internet addiction.  Dr. Coker sees signs of addiction in 14 percent of Internet users.  Addiction means the users overdo it.  They browse to excess; they can’t act responsibly.  From the perspective of an employer, 14 percent is a huge number.  How can an employer afford to idle 14 percent of its work force?  Dr. Coker warns that for these 14 percent, casual surfing can become a waste of time and worse .

So what is an employer to do?  Internet access in the workplace is not a black and white issue.  Different work environments – and different employees – need different rules and different degrees of guidance.  For example, while on duty, maybe an air traffic controller should not be watching comical videos.  But such videos are probably okay — and maybe even wise and recommended — when she’s on break.

Responsible Internet monitoring by supervisors and even blocking have a place in the modern job site.   If an employer does monitor access to the Internet, it is wise to inform employees in advance.

–Ben Wright

At the SANS Institute, Mr. Wright teaches IT administrators how to stay out of jail.

Facebook In-security

Warning for Business, Corporate and School Computer Networks

Is Facebook safe enough for access by office computers?  For many organizations, the answer is no.  The bad news about the popular social network grows with each passing week.  Facebook has been plagued with the Koobface worm (some call it a virus), which has through Facebook infected (or attempted to infect) work PCs.

Now Facebook faces the scrooge of the Dancing Girl.  The Dancing Girl exploit arrives as an e-mail appearing to be a typical notification from Facebook, saying someone has left you a Facebook message.  The rogue e-mail directs you, the victim, to click to see a video of a sexy dancing girl.  If the victim clicks, he is taken to a fake, Facebook lookalike page, which instructs the victim to download a software upgrade so that the video can be viewed.  But in truth the software to be downloaded is a group of damaging, malicious programs.

If an employer were to prevent (forbid) access to social network sites, then employees would not be tempted to fall for tricks like this.  To say it a different way:  failure to prohibit Facebook and Myspace can promote a lax computing environment in the office.

Local chapters of the Better Business Bureau (such as the Hawaii chapter and the Chicago & Northern Illinois chapter) have issued warnings about the transmission of malware and the propagation of other threats through social networks, especially Facebook.  Among other scams, bogus posts to a victim’s “wall” can link to dangerous external web pages, which might try to install malicious software through the victim’s web browser.

The Maryland General Assembly blocked its network users from access to social networks, especially Facebook.

Update:  Recent research compares the success rates for propagation of malware via e-mail and via social networks.  Hacker are ten times more successful on social networks sites.

–Ben Wright

At the SANS Institute, Mr. Wright teaches IT administrators how to stay out of jail.

Security Threat: Facebook and MySpace at Work

Koobface Virus Spreads among Office Workers

Employees (workers) visiting social networking sites are infecting workplace computers with viruses (or they are subjecting their computers to attempted infections).  Facebook and MySpace are known as breeding grounds for Koobface (technically classified as a “worm”).  Security is a reason for businesses, libraries and schools to block or limit access to social media web pages.

These are documented examples of Facebook being implicated in Koobface infections (or attempted infections) in the workplace or related to the workplace:

  • Richard Larmer, chief executive of RLM Public Relations in New York, had to replace his computer.
  • “[H]undreds of Boston journalists, ad execs and public relations professionals [such as Scott Farmelant of Mills and Co.] who use the popular social networking service have received a Facebook message that purports to link to compromising video of its recipient.”
  • A journalist at Washington City Paper haplessly clicked on a link purporting to be from a colleague at the paper, only to discover that the link caused an infection.

Koobface thrives in social networks because users think they can trust their friends.  The victim believes a trusted friend has left on her “Wall” a link to a video.  Her guard is down, so she clicks the link and then follows Koobface’s diabolical instructions to download a software update.  The worm infects the victim’s computer with malware that seeks to control the computer and steal personal information.

In addition to Facebook and Myspace, Koobface is reported to have infected other social networks, such as Bebo, Friendster, MyYearbook, Classmates.com and Blackplanet.  Experts predict more virus attacks through social web sites.

Although Koobface is not the first virus to spread through Facebook, it is the one that is reputed to have inflicted the most harm.

Update: Local chapters of the Better Business Bureau (BBB) are issuing warnings about the insecurity of Facebook and MySpace.

One strategy for employers is selective blocking, where only certain suspect sites are blocked, with a screen that reminds employees they are responsible for getting their work done.

–Ben Wright teaches computer security law at the SANS Institute.

Screening Twitter from Work or School

Employees Wasting Time with Micro-blogs?

Twitter is popular, and if it is not blocked or forbidden, it can depress workplace productivity.  Twitter is a free service that broadcasts text messages (also known as updates or tweets) of up to 140 characters in length.  Twitter can be addictive, as readers can enjoy the distraction of reading each little instant message as it comes in.

Twitter supports multiple media for sending and receiving.  Users can exchange tweets by way of web pages, electronic mail or mobile (cell) phones (text, IM or SMS).

Responsible use of Twitter can help employees perform their job. For example stock brokers might use Twitter to keep abreast of the latest financial gossip.

But many employers or teachers may have little tolerance for Twitter within their domains.  Although employees or students may need access to Internet-connected computers, Twitter can be a nuisance.  Administrators therefore might adopt a policy that bans Twitter, and take technical steps to block it.  Technical measures might include the deployment of software that blocks certain URLs (such as twitter.com, tweetie.com, facebook.com, myspace.com, which support Twitter or its widgets).

Further, an administrator might use Internet monitoring software to discover which time-wasting sites users are visiting – the latest access points for Twitter and other worthless chat.

An administrator who monitors computer usage is wise to warn users of that fact.

Update:  Popular services like Twitter inevitably attract the interest of hackers.  Some Twitter users contracted the StalkDaily virus.  For some employees there is no reason for them to be on Twitter at work.  Security is an additional reason to block the access of these employees to Twitter.

–Ben Wright Mr. Wright teaches data security and e-mail records law at the SANS Institute.