Can you mitigate that group through web-filtering accordingly. Basically using proxy authentication to get to the site, in which they need to login as themselves (AD credentials) so they can get to the site to set things up, and they have a timeout for viewing/updating and access is tracked.
The rest you got covered, you need to look at your network controls and define who should and who shouldn't be accessing the twitter and facebook etc etc, authorize just them to access and audit there access accordingly. Z Edward Ziots Network Engineer Lifespan Organization MCSE,MCSA,MCP+I, ME, CCA, Security +, Network + [email protected] Phone:401-639-3505 -----Original Message----- From: Andy Ognenoff [mailto:[email protected]] Sent: Thursday, April 02, 2009 5:08 PM To: NT System Admin Issues Subject: RE: For all of those that think facebook at work is acceptable I have to allow these sites since we are using them for legitimate business purposes - we have a social media push in marketing and are establishing our presence on Facebook and Twitter. So...what kind of advice would you suggest beyond the normal best practices? (We have gateway AV, IPS, desktop AV, all users are non-admins, we patch all installed apps judiciously as available, etc.) - Andy O. ________________________________________ From: Ziots, Edward [mailto:[email protected]] Sent: Thursday, April 02, 2009 2:40 PM To: NT System Admin Issues Subject: For all of those that think facebook at work is acceptable So imagine, if you are letting these types of things in, you are basically opening yourself up for attack. I think most peoples acceptable use policies probably state "computers are used for bussiness purposes only, any other use of such company computer assets is strictly forbidden and is grounds up to and including termination of employment" ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
