Social Media Center

Last week we announced several new, important core security technologies that we added to our TRITON architecture. Websense ACE now includes 10 new defense innovations; seven are focused on outbound traffic to keep data theft and call-home communications contained, preventing theft or loss. Because so many of them are industry firsts, I wanted to take a moment to explain what many of these do and why we created them.

Truth is, the bad guys are stealing corporate data and avoiding detection using advanced techniques. In just the last year, we've seen key intellectual property and user identities stolen from corporations and government agencies, including some you would least expect-including entertainment (gaming) and security companies!

Below are a few examples of how cyber criminals are going undetected, stealing your IP, and how we can stop it from happening.

More

I’ve had a few customers ask me recently about how we compare to OpenDNS. We only run across Open DNS once in a while, typically for extremely price-conscious customers. But cheap comes at a cost and when the solution is insufficient the savings can’t be justified.

Open DNS works by using their cloud-based DNS servers as URL filter databases. Since the huge majority of web requests require DNS resolution to match an IP address to a URL domain name, they provide filtering by having an objectionable URL map to a block page location rather than to the web site.

OpenDNS sells to a lot of schools, so let’s look at a relevant example...

Credit Union Times recently published an article highlighting First Tech Federal Credit Union’s decision to partner with Websense for data security during a massive merger. During a merger, the risk of losing data increases significantly because huge amounts of sensitive information are moved around. Keeping the data from inadvertently or maliciously getting into the wrong hands is paramount.

Earlier this year, First Tech of Beaverton and Addison Avenue Federal Credit Union completed their consolidation in a massive interstate merger worth $4.75 billion with 38 branches and about 335,000 members across the nation. Websense data loss prevention capabilities were employed to protect more than 55,000 separate merger-related pieces of communications between April and November of 2010, critical to the regulatory needs of the organizations.

“We chose to implement Websense DSS during the merger and beyond, because the technology is well aligned with the growth of our organization,” Phil Romero, Senior Security Architect at First Tech

Addison Avenue Federal Credit Union had already been using Websense Data Security Suite for years prior to the merger. When Addison Avenue faced the decision of which technology to implement during its merger, it chose to expand its use of DSS and purchased six additional appliances to also implement a deeper deployment of Websense Web Security Gateway. Websense now provides First Tech Federal Credit Union the necessary tools to track and control how data is stored and moved over internal and external channels.

“Protecting confidential data during a merger and acquisition is critical to its success. In such transitional times, company files are almost always sent through an organization’s biggest communication channels: Web and email. And that’s when data is at great risk,” Patrick Murray, Websense senior director of product management

Check out our press release on the merger here.

For more information on Websense Web Security Gateway click here.

Today, InfoSecurity Magazine released an article featuring Websense® customer Al Gore of the John F. Kennedy Center for the Performing Arts on how he successfully enables social media in his organization with a web security gateway solution from Websense. 

According to a recent Websense poll of more than 275 security professionals, more than 45 percent restrict social media properties out of concern for security.

The Kennedy Center for Performing Arts, which provides thousands of performances by the greatest artists from across America and around the globe, was feeling the pressure to embrace the world of social media.  For example, the Kennedy Center’s marketing department was looking to utilize Facebook as a platform to build their brand. And, directors were looking to use YouTube as a means to view performances and make casting decisions.  However, this demand had to be carefully weighed with the security challenges at the institution.  In this article, Gore describes how he was able to meet the social media demands of the Kennedy Center, while protecting against security threats. 

For example, with an open social media model, the Kennedy Center experienced an influx of viruses and infections on their computers that bypassed their anti-virus products. As the Director of IT Operations, Gore found that about 80% of the 600 PCs in his IT environment required maintenance due to infections every year.  To solve this security dilemma and keep their open social media policy, Gore implemented a web security gateway solution from Websense. Below are excerpts from the Infosecurity Magazine article that highlight the value that the Websense Web Security Gateway brings to Gore’s organization:

Gore explains that the technology put in place allows access to necessary social media sites “without headaches” by monitoring, in real-time, for policy violations and potentially malicious scripts. Therefore, it provides access to the sites, but still monitors activities once the user has logged in.

Putting this type of solution in place, he continued, means that his IT department does not have to manage policy from day to day. “I have an enterprise background with different companies, Gore shares, “but [the Center] is the first organization I have been with that allows access to nearly every site while web browsing”. It may seem like a lawless environment, he adds, but that is far from the case. Working quietly in the background is the web gateway security solution.

The results of the new approach have been clear: a decrease in helpdesk call volume, fewer alerts, and less time spent with virus/infection issues. And a year and a half after implementing a technology solution, Gore cannot recall any new infections within the Center’s IT environment.

Read more about the Websense Web Security Gateway here.

Struggling to find a way to enable social media in the workplace? Check out our Social Media Acceptable Use Policy here.

Need an immediate way to secure you and your followers against threats that target social media? Check out Defensio here. 

MSNBC just released an article on a malware campaign that the Websense® Security Labs™have been tracking since they discovered it on Tuesday. The campaign, dubbed “LizaMoon” by our Labs, was injected into a huge amount of web pages. The malicious code redirects users to a rogue antivirus website – individuals are told that their computers are infected with a virus that can only be removed by purchasing phony antivirus software.

As companies push to further mobilize their businesses and personal smartphones and tablets proliferate the workspace as primary communication tools, IT departments are facing increasing pressure to keep their content secure from malicious attacks and data leakage on employee-owned devices. Such potentially damaging threats posed to confidential data have necessitated the implementation of a mobility management and security strategy in the enterprise, particularly since the average cost of corporate data breach has reached $7.2 million!

In a recent article by NetworkWorld, Websense® Mobile DLP™ is highlighted as a response to these threats, using TRITON™ Security Gateway to locate and quarantine confidential information headed for non-corporate devices. 

In the article, David Meizlik describes the 1,100 data protection policies in the TRITON Security Gateway that ensure the protection of corporate, confidential data on Google Android, Apple iOS and Windows Phone 7 devices. Blackberry devices can be filtered too, if the company runs a Blackberry enterprise server.   Read more about our Websense Mobile DLP here.

On a recent visit to the editorial offices of SC Magazine, Websense vice president of product management, Devin Redmond spoke with SC Magazine deputy editor, Dan Kaplan, about the evolution of modern Web threats. 

In this video from the homepage of http://www.scmagazineus.com/, Devin explores the way that business needs have shifted, with companies looking to leverage  Web collaborative tools like cloud computing, Salesforce, social media or Facebook - and the subsequent evolution of targeted Web attacks that attempt to exploit those that do so. Click below or visit http://link.brightcove.com/services/player/bcpid78521347001?bclid=81231796001&bctid=97625336001 to view the video in its entirety.

To learn more about how Websense enables modern Web collaboration and protects organizations from today's advanced threats with the lowest total cost of ownership, read about our TRITON architecture here.

Over the past two weekends, malicious infectious campaigns on Facebook have gained a lot of attention. First came the Websense Labs discovery of the Facebook’s Sexiest Video  exploit. A second massive infection of Facebook occurred again last weekend, using the same technique, this one on Distracting Beach Babes. 

Yesterday – Websense Labs managed to get a hold of the source code of the malicious Facebook application and investigated how it works. Both Computerworld and eWeek have written articles investigating these recent attacks and the source code behind them.

In this feature article, ABC News looks at recent revelations that employees of the Securities and Exchange Commission were viewing pornography on their government-issued computers. Dave Meizlik from Websense is featured points out that there are broader security issues that come with this type of browsing activity within an organization,  especially in a highly regulated environment, such as the SEC.