I am gonna echo David on this. Trust me, if you have me as an employee and you block Twitter/FB, I'll find a way through and probably puncture more holes in your infra. I'd rather you allocate certain hours/time limits per day for stuff like this like Creative Malaysia ( Sound system) does. Very interesting approach.
-BRIAN RITCHIE On Thu, Jul 15, 2010 at 2:17 PM, David Fetter <[email protected]> wrote: > On Wed, Jul 14, 2010 at 10:21:41PM -0500, Mohd Fazli Azran wrote: > > Hi guy!!, > > > > Long time not write something for your. Just wanna to share about > > this article. It about *"Should companies block Facebook, Twitter > > and LinkedIn?" . *Should your open or block for Social network. It > > up to you guy. On this article give some opinion. > > > > > www.networkworld.com/community/tech-debate-block-social-networks?source=NWWNLE_nlt_daily_pm_2010-07-13 > > Whatever benefit you imagine you might derive from treating your > employees like children, you will lose all of it and more because they > resent your heavy-handed tactics. You'll have created attackers > inside your trust boundary, and nothing's quite as nasty as that, from > every security perspective. > > If you want to make a policy about which sites people visit, making > that policy written, clear, in advance, and with reasons enunciated > and questionable is *much* more effective than encouraging your > employees to punch you (and your firewalls, etc.) when you establish > silly and arbitrary network outages. Trying to block ports and IPs is > stupid, wasteful, counter-productive, and, of course, ineffective. > > That said, I find multiple threats and attack vectors from Facebook > itself, which acts pretty much an attacker when it comes to anything a > Facebook user ever connects to. In the process of violating their > users' privacy, something they have an extensive track record of doing > as a matter of routine, they violate most access control policies. > > Stated that way, it's much easier to convince people that Facebook is > a problem. > > Cheers, > David. > > > > Regards, > > Mohd Fazli Azran > > OWASP Malaysia Chapter Leader > > [image: OWASP Malaysia] <http://www.owasp.org/Malaysia> > > > _______________________________________________ > > Owasp-Malaysia mailing list > > [email protected] > > https://lists.owasp.org/mailman/listinfo/owasp-malaysia > > > > OWASP Malaysia Wiki > > http://www.owasp.org/index.php/Malaysia > > > > OWASP Malaysia Wiki Facebook > > http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420 > > > -- > David Fetter <[email protected]> http://fetter.org/ > Phone: +1 415 235 3778 AIM: dfetter666 Yahoo!: dfetter > Skype: davidfetter XMPP: [email protected] > iCal: webcal://www.tripit.com/feed/ical/people/david74/tripit.ics > > Remember to vote! > Consider donating to Postgres: http://www.postgresql.org/about/donate > _______________________________________________ > Owasp-Malaysia mailing list > [email protected] > https://lists.owasp.org/mailman/listinfo/owasp-malaysia > > OWASP Malaysia Wiki > http://www.owasp.org/index.php/Malaysia > > OWASP Malaysia Wiki Facebook > http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420 >
_______________________________________________ Owasp-Malaysia mailing list [email protected] https://lists.owasp.org/mailman/listinfo/owasp-malaysia OWASP Malaysia Wiki http://www.owasp.org/index.php/Malaysia OWASP Malaysia Wiki Facebook http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
