Where do your users want to go today and can you stop them? presented at Virus Bulletin 2008

by Bruce Hughes (Avg),

Tags: Security

URL : http://www.virusbtn.com/conference/vb2008/abstracts/Hughes.xml

Summary : New surveys recently conducted have found that more than a quarter of employers have fired workers for misusing email and
one third have fired workers for misusing the Internet on the job. How big of a role does malicious code sent through
email and web threats play in this scenario? Surfing the web and email are two of the biggest vectors for web threats and
letting users have unrestricted and unprotected freedom to use and surf at will could cost your company big bucks.
This presentation will look at what your corporate policies should cover and how you can enforce those policies. The
growth of Web 2.0 has led everyone to creating a place to share information about themselves and their employers,
sometimes breaching confidentiality rules. MySpace, Facebook and similar sites are now a big target for the bad guys to
infect a large number of users in a short amount of time. We will look at how users bypass the protection that companies
have spent large amounts of money on, just to see the latest joke/picture/video that is circulating the Internet.
Finally, we will take a look at the legal issues and the costs web threats pose to your company, looking at some real-world
examples.

More details:1. Does your company have policies in place?A. Accessing porn or other inappropriate content.
B. Email containing inappropriate or offensive language.
C. Email attachment policy.
D. Excessive personal use of email and Internet.
E. Breaching confidentiality rules in email.

2. What can companies do to enforce those policies?A. Monitor Internet connections.
B. Monitor email.
C. Install security software.
D. Block inappropriate websites.

3. Growth of Web 2.0 (Facebook, MySpace)A. Monitor blogs to track content about the company.
B. Monitor social-networking sites.
C. Real-world examples.

4. How do users bypass policiesenforcements?
A. WebMail
B. Proxies
C. Remote PC

5. Legal IssuesA. Email subpoenaed by courts.
B. Lawsuits based on employee emails.
C. Only two states require companies to notify their workers that they are monitoring them.
D. International laws.
E. Real-world examples.

6. Costs
B. What is the cost to corporations?

7. (If time allows)
A. IM
B. P2P