Nevertheless, most companies allow full access to collaborative tools. , 49% do The analysis shows that 43% of them give the possibility to use Facebook , 50% of Twitter , 49% of . MySpace and 52% of LinkedIn .

For the vice president for Latin America and the Caribbean security firm Kaspersky, Alejandro Stetson, users rely too heavily on content viewing these networks and do not take basic precautions. "Even in specific communities such as LinkedIn, attention must be paid. The information technology professionals have every reason to worry about access to this type of site, "he says.

Links

Threats can come from various sources, ranging from general attacks, with links to malicious code, by actions more targeted and focused on achieving certain companies. It is important to bear in mind that criminals are increasingly sophisticated and specialized in deceiving employees with messages seemingly harmless and even through social engineering .

Another example of the evils that networks can bring is Twitter . The tool has gone through a situation that exposed your entire risk. A hacker exploited a vulnerability in the tool to run an application in Java Script infecting the profile and computer accessed by the poster. "With this, the user was exposed to hijack the browser and can receive malicious files and, therefore, put the corporate environment at great risk," says Gabriel Menegatti, chief technology officer at security company F-Secure.

Thus, the technology department can have two attitudes: to block access to the tools or use means of protecting the company's infrastructure with actions of awareness and constant monitoring of the network. In environments where social networks are important for work, the lock is not an option. It remains to stick to the best practices of corporate security and implement a culture among users.

Management

To Roger Denny, a security expert in the area of the company Safenet, we can not do without a good management of antivirus , firewall and other solutions to prevent entry of malware in the enterprise. "What should be done more consistently and that few companies do is a daily process analysis of vulnerabilities and risks and how these elements can affect the infrastructure of the corporation, "he says.

Spreading the culture of safety is something a little more complex, since it does not depend on technical and educational rather constant. According to Mark Prado, channel manager for Websense, the best way to start is not necessarily talking about technical risks, but spreading the surest ways to convey information. "The approach to security companies should be less focused on details of infrastructure and more focused on proper handling of information," he attests.