5 tips for using a CASB to safely enable social media in your business

July 25, 2016 Bob Gilbert

 

From Facebook’s 1.65 billion monthly active users to Twitter’s rise as a mainstream broadcast media outlet, social media continues to experience rapid and wide adoption from users around the globe. For the enterprise, social media presents both opportunities and challenges. The opportunity is primarily centered around leveraging social to make your employees more collaborative and productive at their job, not to mention the many benefits to the business. If you aren’t interacting with your customers via social media, there is a good chance that your competitors are.

Even with all the upside, there are a number of challenges that are impacting the adoption of social media in the enterprise. First, social media promotes transparency and some businesses are not ready to change their culture overnight. The other challenge is the risk associated with sensitive data leaking via social media. What if someone posts or shares something they are not supposed to? What would be the impact to your company if intellectual property was leaked, customer data exposed, or out-of-compliance activities took place? Compliance is a real issue whether it is FINRA compliance for financial firms, PCI for retail, or protected health information (PHI) that is connected to HIPAA compliance. Social media makes it very easy to share anything and that anything could be cause for concern depending on the scope of your business.

The question is, do you embrace social media in your place of business and reap all the benefits or do you block social media altogether? This is a catch-22 as you ultimately need to make the decision between using social or being safe. What if you could enable the use of social media in your business, but do it safely? I want to share with you how a cloud access security broker (CASB) such as Netskope can let you have your cake and eat it too. Here are 5 tips.

Tip #1 Use a scalpel, not a sledgehammer

Your first inclination might be to just outright block social media by using your perimeter security device. Instead, use a CASB that can identify and block risky activities taking place in real-time. A risky activity could be someone from the hospital staff posting PHI to a social media app of their choice or perhaps one of your engineers accidentally sharing intellectual property. Focusing on blocking the risky activity instead of being forced to block the app outright means that everyone can use the app safely.

Tip #2 Implement a category-level policy

There are the mainstream social media apps like Facebook, Twitter, LinkedIn, and Snapchat and then there are the dozens or potentially hundreds of social media apps being used by your employees. In fact, a recent Netskope Cloud Report found that an enterprise has 23 social media apps in use on average. Make sure that your CASB supports a category-level policy that can be administered to cover all social media apps. The last thing you want to do is create and manage dozens of policies individually.

Tip #3 Don’t be blind. Cover all ways social is being used

There are two primary ways that users interact with social media apps. First is from the browser on their Mac or PC and the other way is from an app on their iOS or Android device. Make sure that your CASB can inspect social media usage involving both browsers and mobile apps. If you can’t cover mobile apps then you are leaving yourself vulnerable.

Tip #4 Incorporate advanced DLP into your policy

This is tied to the scalpel approach covered in tip #1. The key here is that you need to be able to inspect not only attachments and text that are part of a social media post or share, but you need to do it in a smart way so you don’t end up with a ton of false positives resulting in everything being blocked. The example I like to use is a financial services company that wanted to safely enable social media, but at the same time be FINRA compliant. This involved putting together a DLP rule that looks for keywords such as “guarantee” or “recommend” and combining those keywords with public company names and stock symbols. This requires that your CASB have an advanced cloud DLP solution with AND/OR rules, custom keyword dictionaries, proximity, and other key features. You can learn more about this use case by watching this demo video.

Tip #5 Coach users

The final tip is focused on end user experience and behavior modification. A successful enterprise social media strategy involves training users to use their best judgement. This traditionally involves training classes, email reminders, and even getting users to sign agreements. You can take this a step further by using a CASB to implement real-time coaching and have custom messages pop up when the user performs an out-of-compliant activity. When they attempt to do something risky, warn them in real-time and coach them to do the right thing.

Speaking of social media, I would love to connect with you on Twitter. You can follow me @bobegilbert

 

The post 5 tips for using a CASB to safely enable social media in your business appeared first on Netskope.

 

About the Author

Bob Gilbert

Bob heads up the product marketing efforts at Netskope, the leader in safe cloud enablement. Bob is a prolific speaker and product demonstrator, reaching live audiences in more than 45 countries over the past decade. His career spans more than 20 years in Silicon Valley where he has held product management and marketing leadership roles at various technology companies. Most recently he was the Chief Evangelist at Riverbed.

Follow on Twitter More Content by Bob Gilbert
Previous Article
Netskope Threat Research Labs Technical Analysis: CloudSquirrel Malware
Netskope Threat Research Labs Technical Analysis: CloudSquirrel Malware

Visual depiction of the life cycle of the Cloud Squirrel Attack Last week we posted an article, giving an o...

Next Article
Finding Data Exfiltration During the Cloud App Discovery Process
Finding Data Exfiltration During the Cloud App Discovery Process

Today I started a Netskope Cloud Risk Assessment for one of my customers, and guess what I found? Data exfi...