Social Networking in the Enterprise:A Delicate Balance Between Security and Enablement
Howard Ting
Director, Marketing
www.paloaltonetworks.com
Agenda
About Palo Alto Networks
The Rise of Social Networking
Social Networking SWOT Analysis
Recommendations
A Model for Safe Enablement
Learn More
About Palo Alto Networks
• Palo Alto Networks is the Network Security Company
• World-class team with strong security and networking experience - Founded in 2005 by security visionary Nir Zuk
• Builds next-generation firewalls that identify / control 1100+
applications- Restores the firewall as the core of the enterprise network security infrastructure
- Innovations: App-ID™, User-ID™, Content-ID™
• Global footprint: 2,200+ customers in 60+ countries, 24/7 support
Social Networking is No Longer a Fad
Hundreds of millions of people use social applications daily
Facebook has over 500 million users
LinkedIn has over 60 million users
Social bookmarking applications have roughly 10 million users each
Youtube is the 3rd most popular website on the Internet
Sales & marketing, public relations, HR and recruiting, product teams, and business development all see opportunity
Social Networking Usage in the Enterprise
Palo Alto Networks’ latest Application Usage & Risk Report highlights actual behavior of millions of users across more than 720 organizations worldwide
Social Networking is A Hotbed of Risk
Data Loss/Leakage
Unauthorized employee file transfer, data sharing
Network Intrusion
New avenue for threats to enter the organization
Image Damage
Mis-treat your customers/constituents at your own peril
Compliance
Using unapproved applications, unaudited
Operations Costs
Excessive bandwidth consumption, desktop cleanup
Productivity
Uncontrolled, excessive use for non-work/mission related purposes
Existing Infrastructure Hasn’t Kept Up
Applications have changed
• Any port or random ports
• Evasive
• SSL encrypted
• Tunneled within other apps
• Users feel entitled to use any application
• New employees = always on, always connected
3%
3%
9%
13%
15%
14%
15%
27%
30%
30%
42%
53%
62%
76%
80%
00% 20% 40% 60% 80%
RDP
SSH
telnet
LogM eIn
Team Viewer
CGIProxy
PHProxy
CoralCDN
FreeGate
Glype Proxy
Tor
Ham achi
UltraSurf
Gbridge
Gpass
Remote Access
27 variants found 95% of the time
External Proxies
22 variants found 76% of the time
Encrypted Tunnels
Non-VPN related –found 30% of the time
Users Will Find A Way…
Source: Palo Alto Networks Application Usage and Risk Report,
Spring 2010
Social Networking: Strengths
• Reaching new people, deepening existing relationships
• Reduction in cost of sales/marketing (disintermediation)
• Reduction in cost of support
• Reduced time to collaborate
Social Networking: Weaknesses
Virtually unmanageable today
Few policies
Existing policies aren’t enforceable
Savvy users
Security models too restrictive
Allow/Deny is too coarse grained
Social Networking: Opportunities
Evolve security policies
Evolve controls
Make risk management/security relevant to the business
Social networking worms
Phishing bait
Trojan vector
Data leaks
Shortened/obfuscated links
Botnet command and control
It’s a data source
Cross-Site Request Forgery (CSRF)
Impersonation
Trust
Social Networking: Threats
Recommendations
Policy
Gather
Listen
Redefine
Model – re-think or refine
Blindly blocking is out
Safe enablement is your new mantra
Controls
Visibility and control of applications, users, and content is key
“Allow, but…” controls are critical
A Model for Safe Enablement: Twitter
Allow But Manage
Only for Public Relations
Disable Twitter-Posting
Allow Only During Lunch
Enforce Regardless of Proxy or Evasion
Scan and Block Threats
Block Worms
Block Attacks and XSS
Block Dangerous URLs
Prevent Loss of Sensitive Data
Requires a Next-Generation Firewall
New Requirements for the Firewall
1. Identify applications regardless of port, protocol, evasive tactic or SSL
2. Identify users regardless of IP address
3. Protect in real-time against threats embedded across applications
4. Fine-grained visibility and policy control over application access / functionality
5. Multi-gigabit, in-line deployment with no performance degradation
What You See…with non-firewallsWhat You See with With A Firewall
Conclusions
Social Networking and Enterprise 2.0 applications are here to stay
High use, high risk, high reward
Applications and users are adept at circumventing controls
Changes in network security required – can’t blindly allow, can’t blindly
block
Can’t Do Security 1.0 in Enterprise 2.0 World
Existing controls inadequate
Adding more security devices isn’t the answer
Next-Generation Firewalls Can Help
Identify and control applications, users, content
Safe enablement: no more flashlights and whack-a-mole
Learn More…
See a product demo in our booth (#201)
Visit us online: www.paloaltonetworks.com
Gartner, Forrester, and IANS analyst perspectives
Application Usage and Risk Report
Much more…
Get a complimentary network security assessment
Request online at www.paloaltonetworks.com/avr
Call us @ 866.320.4788