Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Social networking boosts legal, regulatory compliance headaches

Lucas Mearian | May 10, 2010
For companies, the sites are too valuable as sales tools to block

PaloAlto uses firewall policy management software to control external communications at the application layer, through a user's ID and by content type.

Global investment bank Greenhill & Co. Inc. used PaloAlto's software to monitor and capture webmail used by its employees, which it said raised concerns about data security and its overall compliance stance.

"We needed better visibility into our network in order to block access to certain applications - especially Gmail over HTTPS," John Shaffer, Greenhill's director of global systems and technology said in a statement. "We could see users were circumventing our blocking solution by switching to SSL encrypted versions of webmail applications."

Greenhill's URL filtering, spyware and firewall activities were being managed by separate devices, and the company was looking for way to consolidate those services on one control panel to reduce complexity and expense.

The company allowed PaloAlto to demonstrate its firewall, and "it instantly unearthed users accessing Facebook, Gmail, RSS, Google Desktop, AOL Instant Messenger (AIM), Meebo, Skype and Yahoo! Mail."

"For the first time we could see exactly which users were accessing specific applications," Shaffer said.

The market potential for supplying social networking monitoring software hasn't been lost on entrepreneurs either.

DexRex, for example, was launched from a University of Massachusetts at Amherst dorm room in 2005 by two avid text messagers, Derek Lyman and Richard Tortora. The company recently secured $1 million in private funding.

Earlier this week, DexRex launched ChatSync v2.2, which uses extensible APIs (application programming interfaces) to plug into users' devices, messaging clients or servers in order to archive social networking communications. The service is offered both through an on-site appliance or a cloud-based SaaS model. The software provides real-time capture of social networking communications by pushing content and its metadata from Web access portals.

ChatSync 2.2 also can monitor and capture for audit e-mail, IM, SMS and social media communications, including LinkedIn, Twitter and Facebook, according to Lyman.

Lyman said the market for message capture is driven by regulatory data retention requirements, with legal discovery needs taking second place.

"We're capturing the whole category of alternative text-based communications and partnering up with the existing e-mail service providers," Lyman said. "The e-discovery side really does dictate why they want these records, and the regulators are expecting to see them."

Dan Srebnick, associate commissioner of IT Security for the New York Department of Information Technology and Telecommunications, said the city is using FaceTime's software for malware, spyware and Web filtering rather than for controlling employees' attempts to use social networks. The agency is also monitoring that activity to ensure it is consistent with the city's communications, marketing and branding policies.

 

Previous Page  1  2  3  4  5  Next Page 

Sign up for Computerworld eNewsletters.