If you're on LinkedIn, and you use a smart phone...
Andre Tomt
andre-nanog at tomt.net
Sat Oct 26 22:20:20 UTC 2013
On 26. okt. 2013 08:06, Jimmy Hess wrote:
> Perhaps a prudent countermeasure would be to redirect all POP, IMAP, and
> Webmail access to your corporate mail server from all of LinkedIn's IP
> space to a "Honeypot" that will simply log usernames/credentials
> attempted.
>
> The list of valid credentials, can then be used to dispatch a warning to
> the offender, and force a password change.
>
> This could be a useful proactive countermeasure against the UIT
> (Unintentional Insider Threat); of employees inappropriately entering
> corporate e-mail credentials into a known third party service with
> outside of organizational control.
>
> Seeing as Linkedin almost certainly is not providing signed NDAs and
> privacy SLAs; it seems reasonable that most organizations who
> understand what is going on, would not approve of use of the service with
> their internal business email accounts.
Depends on linkedin beeing nice, but could this be an idea? In addition
to the proposed network level controls of course. At least users could
get a informative response rather than just some dumb error / "it doesnt
work" if you block Intro.
http://feedback.intro.linkedin.com/forums/227301-linkedin-intro-feedback/suggestions/4801236-some-way-to-block-intro-per-domain
Votes maybe?
I considered proposing making it opt-in on the domain level, but that
wont fly for them I'm sure.
More information about the NANOG
mailing list