Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Privacy

Palo Alto Networks Helps Organizations Address Privacy Concerns Associated With Facebook Social Plugins

Palo Alto Networks, today announced new functionality that enables enterprises to control Facebook Social Plug-ins, helping to ease some of the growing privacy concerns associated with facebook’s connection to third party Web sites.

Palo Alto Networks, today announced new functionality that enables enterprises to control Facebook Social Plug-ins, helping to ease some of the growing privacy concerns associated with facebook’s connection to third party Web sites.

Facbook Social plugins let users see what their friends have liked, commented on or shared on sites across the web. While the plugins are designed so that no personal data is shared with the sites on which they appear, there are several other privacy concerns surrounding the third party connection services.Palo Alto Networks Facebook Social Plugins

For example, when a user clicks “Like” or “Recommend” buttons, the user is making a public connection, which anyone can see, and on Facebook, a story will appear on the users profile and may appear in their friends’ News Feeds, just as if they had liked something on Facebook itself.

In some cases, when facebook users make a connection to a real world entity, such as a book, movie or athlete, their likes and recommendations become a part of their profile in the same way as the connections you make with Pages on Facebook. They will appear under the users “Likes and Interests” section of their profile.

Facebook users in enterprises are susceptible to having their confidential data shared with third parties due to these social plugins and the misleading and confusing ways which facebook collects and displays user data through interactions on third party sites.

The new default Facebook privacy settings can share private and corporate information with advertisers and other third parties. In enterprises, this policy has major implications, as there is no central way for IT security teams to protect their users from the unknown and – in almost all cases – unwanted privacy impact, which involves the sharing of behavioral and website information with Facebook and its advertising customers.

Palo Alto Networks’ new App-ID allows IT security teams to protect their Facebook users against the undesired data sharing while transparently preserving Facebook functionality and not breaking the functionality of other websites that rely on the Facebook Social Plug-ins.

Palo Alto Networks’ technology provides visibility and control over Facebook-related functionality, users and content using three identification functions:

App-ID identifies exactly which Facebook functionality is running on the network, as well as the associated risks, so administrators can deploy comprehensive application usage control policies for inbound and outbound traffic.

Advertisement. Scroll to continue reading.

User-ID integrates with Microsoft Active Directory and LDAP directories to link Facebook use to users and groups – not just IP addresses – for visibility, policy creation, logging and reporting.

Content-ID combines a real-time threat prevention engine with a comprehensive URL database to detect and block a wide range of threats, limit unauthorized transfer of files and data, enabling customers to scan permitted Facebook traffic for threats and confidential data.

“This is another example of the safe enablement that customers of Palo Alto Networks can uniquely take advantage of; reaping the benefit of social applications, yet mitigating the risks,” said Rene Bonvanie, vice president of worldwide marketing at Palo Alto Networks. “For example, an organization might want to enable customer service representatives to use Facebook, the chat function and the messages function, but disable Facebook Applications and Social Plug-ins to mitigate productivity and privacy concerns.”

In March, Palo Alto Networks released a report showing how heavily regulated industries are letting social networking apps run rampant within organizations. The results of the report showed that, on average, 28 social networking and p2p applications are in use within healthcare and financial service firms. As these organizations continue to rely on social media applications for business marketing and collaboration they need to pay attention to the risks associated with them.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Artificial Intelligence

Two of humanity’s greatest drivers, greed and curiosity, will push AI development forward. Our only hope is that we can control it.

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...

Privacy

Many in the United States see TikTok, the highly popular video-sharing app owned by Beijing-based ByteDance, as a threat to national security.The following is...

Privacy

Employees of Chinese tech giant ByteDance improperly accessed data from social media platform TikTok to track journalists in a bid to identify the source...

Application Security

Open banking can be described as a perfect storm for cybersecurity. At one end, small startups with financial acumen but little or no security...

Mobile & Wireless

As smartphone manufacturers are improving the ear speakers in their devices, it can become easier for malicious actors to leverage a particular side-channel for...

Government

The proposed UK Online Safety Bill is the enactment of two long held government desires: the removal of harmful internet content, and visibility into...

Cloud Security

AWS has announced that server-side encryption (SSE-S3) is now enabled by default for all Simple Storage Service (S3) buckets.