1. OCAU Merchandise is available! Check out our 20th Anniversary Mugs, Classic Logo Shirts and much more! Discussion in this thread.
    Dismiss Notice

Social Software and its place in Enterprise

Discussion in 'Business & Enterprise Computing' started by psychobunny, Jun 18, 2010.

  1. psychobunny

    psychobunny Member

    Joined:
    Mar 30, 2006
    Messages:
    2,426
    Location:
    Melbournish 3113
    So far there has been plenty of talk in the industry about web2.0 and more about social software. Within my company we are venturing into this space with one tool and it plays quite a large part in my objectives for the coming financial year.

    My daily digest of news included the following: http://blogs.techrepublic.com.com/networking/?p=3106&tag=nl.e106 While this talks about it and I've seen case studies on other companies with their rollouts, I'm curious to see what thoughts the collective powers of OCAU can bring to the table

    Ideally I'd like to know if anyone else is venturing into this field, or already has, and what they've found, particularly with a company of about 7000 users logging in
     
  2. Nyarghnia

    Nyarghnia (Taking a Break)

    Joined:
    Aug 5, 2008
    Messages:
    1,274
    Social Software or 'Web 2.0' (I hate that term btw) presents many issues to an organisation that is thinking of trying to leverage it.

    Here's just a few questions that your business will need to think about, it's hardly an exhaustive list.

    Firstly... what does the busines hope to achieve with it?
    Is it seen as an aide to collaboration?
    A way of keeping in touch with customers?
    A General means of communication?

    Will it be for internal use only?
    Personal use? a mixture?

    Where is the data going to be stored (these systems all accumulate a lot of data)? Who will have access to it?

    How is this data going to be managed?
    If the web 2.0 facility is to be used to facilitate b2b and b2c communication then you may be required for statutory reasons to keep records for up to seven years, this needs to be given careful consideration if in future you decide to migrate to another web 2.0 app.

    Will there be any integration with inhouse or externally housted applications?

    Then there's the usual bugbears of privacy, confidentiality of information, possible breaches of disclosure agreements and so forth..

    One organistion who's CIO I sometimes chat with was dabbling with the whole 'web 2.0' thing but it all went a bit pear shaped, legal and compliance issues just kept raising their heads and eventually management of 'web 2.0' services almost became a cottage industry, in the end it was killed off primarily because it was a cost that was not adding any value to the business.

    And in my view, that's the harsh reality by which any I.T initiative must be measured against.

    -NyarghNia
     
    Last edited: Jun 18, 2010
  3. 7nothing

    7nothing Member

    Joined:
    Feb 15, 2002
    Messages:
    1,726
    Location:
    Brisbane
    In the case of social networking websites, their place in enterprise is a deny rule in your firewall.
     
  4. tin

    tin Member

    Joined:
    Jul 31, 2001
    Messages:
    6,422
    Location:
    Narrabri NSW
    +1
    And +10 for major ones like Facebook.

    I do like wikis for collaborative documentation though. Internal use ones are good for documenting projects, systems, policies, etc. Especially once you link the wiki system to existing user accounts so it's all authenticated.
     
  5. PabloEscobar

    PabloEscobar Member

    Joined:
    Jan 28, 2008
    Messages:
    14,699
    In a dying enterprise perhaps...

    Times are changing, Social Network sites are just another communication channel that needs to be managed correctly. I see no argument for blocking facebook that cannot be made for blocking all extra-company E-mail. But that is still firmly on the 'allow' list
     
  6. Nyarghnia

    Nyarghnia (Taking a Break)

    Joined:
    Aug 5, 2008
    Messages:
    1,274
    I would concur with this assessment.

    Treat social software with extreme care, tread at your (or your company's) peril.

    Not here it aint, i'm setting up a seperate system to handle extra-corproate e-mail (ie from customers), i'm talking to our security solutions provider about whitelisting of e-mail.

    In last couple of weeks... (looks at firewall stats).. This is to provide an example of why many places are considering whitelisting of e-mail and even segregation of e-mail into 'public'
    vs 'corporate/trusted/known'.

    Messages processed: 25,000~

    78% of all inbound mail is immediately confirmed as SPAM and just dumped, not even quarantined
    More than 5% of all inbound mail contains viri and other 'nasties', which are stripped and mail quarantined
    About 10% of mail is flagged a 'Spam Suspect' and quarantined, out of these, about 95% of them are eventually purged
    That leaves less than 7% of all incomming mail as being legitimate

    I shudder to think of the horrors being downloaded onto a network that allows social networking website embedded content...

    -NyarghNia
     
    Last edited: Jun 22, 2010
  7. cbb1935

    cbb1935 Guest

    They are another way for people to be logging in, click that link which says "New Funny Video" DURING WORK HOURS, and the rooting up their profile when it gets some new absurd 0 day spyware/malware installed that 3 major AV vendors missed.

    But hey, it keeps me employed fixing the damage done.
     
  8. cvidler

    cvidler Member

    Joined:
    Jun 29, 2001
    Messages:
    18,506
    Location:
    Canberra
    Those figures correlate closely to what my personal mail server/domain sees (about 4,500-4,800 mails a day). Little bit higher on immediate spam, and less on suspect spam, but otherwise spot on.

    Went years with no spam at all, then I guess the spammers discovered the .tk TLD.
     
  9. dave_dave_dave

    dave_dave_dave Member

    Joined:
    Mar 17, 2004
    Messages:
    2,993
    Location:
    Gold Coast
    We tried it for a few days on a network of 250 users. Productivity droped to almost zero and virii, spyway and junk was at an all time high detection and block rate on the workstations virus scanners.

    As other have said. Social networkings place is to be blocked by the firewall. :thumbup:
     
  10. NSanity

    NSanity Member

    Joined:
    Mar 11, 2002
    Messages:
    18,848
    Location:
    Brisbane
    Whitelisting incoming email for a company that expects new business is batshit insane.

    Get a decent spam filter (Brightmail/Ironport Appliance), forget about it.

    Ironport blocks some absolutely crazy number here per day, false positives are almost zero (I think i've had to troubleshoot 1 or 2 in the 2 and a bit years we've had the device) and we hold a small party when spam/virii/malware actually makes it to a user - these parties are few and far between.
     
    Last edited: Jun 22, 2010
  11. Bonkers

    Bonkers Member

    Joined:
    May 8, 2002
    Messages:
    1,608
    Location:
    Brisvegas
    I really liked the look of salesforces upcoming 'chatter' product (http://www.salesforce.com/chatter/). Would be very useful for project management.

    I'm guessing this is the kind of thing you were talking about?

    Does anyone know of anything similar to this that has come out / is coming out?
     
  12. itsmydamnation

    itsmydamnation Member

    Joined:
    Apr 30, 2003
    Messages:
    10,738
    Location:
    Canberra
    yes ironports for the win,

    stuff like OCS is quite good. but we only use it internally. messanger and Video ( we have OCS but no VOIP....:lol: ).

    i have to disagree with the statement about Social networking should be a deny statement on a firewall. it should be a redirect to a web server hosting a picture of Mr T or a video of Terry Tate.
     
  13. Swathe

    Swathe (Banned or Deleted)

    Joined:
    Mar 23, 2007
    Messages:
    2,508
    Location:
    Rockhampton
    I'm so glad we block Facebook. If I could turn back time I would have never signed up in the first place.
     
  14. Nyarghnia

    Nyarghnia (Taking a Break)

    Joined:
    Aug 5, 2008
    Messages:
    1,274
    Nah, not blocking it entirely, hard to describe here, but it's going to a seperate mail system that's in a seperate virtual network (if that makes sense), people can still access it fairly easily to check stuff, this is where 'new contacts' will go.

    It's a bit extreme I admit but the problem we have is that Mr average Joe's PC is likely infested with god-knows-what and I can't have mail from Mr and Mr anyone just landing on the corporate network anymore.

    For example, we had one guy a few months ago send us a mail the other day, his e-mail software embedded a graphics file (in PDF format), the firewall flagged it as being infected, turns out the file in his e-mail (Photo of a property) contained a virus/trojan, a real nasty one too.

    If the mail server gets compromised, it just gets nuked, it's entirely isolated from the internal trusted network.

    We're also revisiting the whole 'whitelisting' of the 'net and adopting a similiar approach.

    The Internet is just damned dangerous. Maybe i'm being a bit extreme but ...

    -NyarghNia
     
  15. NSanity

    NSanity Member

    Joined:
    Mar 11, 2002
    Messages:
    18,848
    Location:
    Brisbane
    You are.

    I don't know any federal government network that works like this. Or any Top500 company in Australia.

    Clearly you have flaws in your Email, Email sanitation (AV/Spam) and Desktop AV solutions - it will be far cheaper, and give better results - to address these problems, than create some extreme crazy DMZ mail server idea.
     
  16. Nyarghnia

    Nyarghnia (Taking a Break)

    Joined:
    Aug 5, 2008
    Messages:
    1,274
    With all due and sincere respect, I think you are mistaken.

    We're already running state of the art proxy/firewall systems with deep packet inspection, UTM, reporting and content management. I have external and internal security audits carried out on a regular basis including active penetration testing from both the external network and the internal truted network.

    The problem I am foreseeing is that all of this requires vendors to be 110% on top of catching the bad stuff, if we get a zero-day threat that is not yet detected by either the Firewall/Spam Filter/Gateway AV/Mail server AV and ultimately desktop AV then potentially we're all screwed and that goes for everyone.

    All i'm doing is partitioning the problem, so far.. 100% of all 'nasties' which I have had arrive via E-mail have been from unkown/untrusted sources (ie.. Joe public).

    If I can send the overwhelming, vast majority of traffic to a DMZ type mail system that is entirely disposable, then by defintion I am reducing the likelyhood of something nasty landing on the trusted corporate network.

    -NyarghNia
     
  17. NSanity

    NSanity Member

    Joined:
    Mar 11, 2002
    Messages:
    18,848
    Location:
    Brisbane
    This is why you have multi-vendor Spam/AV solutions (e.g Ironport supports Sophos and McAfee AV rules).

    You've never really let on what your company does, but the questions you post here in B&EC let on that they've let a reasonably inexperienced person take on a fairly all encompassing role - which is fine, people need to start somewhere.

    What you are suggesting reminds me of protected networks (fed gov has them for classified mail - however this is for transferring sensitive material, they still recieve regular unclassified mail from the greater WWW) taken to the extreme.

    I'll wait for IACSecurity to step in, but the solutions your proposing don't really add up (in terms of them being required) from the information i've seen.
     
    Last edited: Jun 23, 2010
  18. afterburner7

    afterburner7 Member

    Joined:
    Nov 6, 2008
    Messages:
    123
    ive been looking for a good inexpensive corporate IM communication tool for the business. I had play with jabber but didnt really like it. Looking for more of an MSN messenger for the business but with only a business list of contacts available and that is logged and able to be audited.

    anyone using google talk?
     
    Last edited: Jun 23, 2010
  19. NSanity

    NSanity Member

    Joined:
    Mar 11, 2002
    Messages:
    18,848
    Location:
    Brisbane
    Microsoft makes it

    Office Communicator.

    http://office.microsoft.com/en-us/communicator/
     
  20. afterburner7

    afterburner7 Member

    Joined:
    Nov 6, 2008
    Messages:
    123
    but its damn expensive?
     

Share This Page

Advertisement: