IT's knee-jerk reaction to social networking sites might be to block employee access from the corporate network. This reactive solution is simply a band-aid on a much larger problem, as resourceful users always find a way around access restrictions.
In order to cost-effectively and efficiently monitor actions on the network, like downloading potentially harmful content from social networking sites, enterprises should consider shifting to a positive risk-centric model of security. This allows for the better use of existing security investments and enables a deeper understanding of internal network behavior.
To make this possible, it is necessary to monitor all communications and data traversing the network in a business context that supports the business goals and policies in place.
This drastically simplifies the visualization process and is much more future proof around potential negative impacts. And this approach will go a long way in protecting your organization from becoming a casualty in the next inevitable threat to propagate on MySpace or other emerging social networking sites.
