A Quick Look at Defensio for Protecting Facebook Activities

I described how anti-malware firms are experimenting with tools that protect users’ interactions on social networking websites in an earlier post. There, I outlined key features of Norton Safe Web and BitDefender safego. I’d like to take a look at another product in this category: Websense Defensio.

Defensio in Action

After installing the Defensio Facebook app, the user has the opportunity to customize a good number of settings, which specify what content Defensio should consider unwanted, including:

  • Spam content
  • Attempts to distribute malware
  • Links to undesirable content categories (e.g., adult material, gambling, etc.)
  • Links to executable files
  • The inclusion of JavaScript or VBScript

Unfortunately, due to the limitations that Facebook imposes on its apps, Defensio can only alert the user of the unwanted activity, rather than automatically blocking the action or removing the content in real time. Defensio can issue the alert via email, which it seems to do within a minute or so of the unwanted behavior.

For instance, consider the situation where your Facebook friend Jack left this comment, pointing to a malicious URL:

Defensio will alert you by email:

In my limited testing, the tool was better at alerting the user who shared unwanted content than at alerting the user’s friends. For instance, when Jack posted this Facebook update, Jack received an alert from Defensio of potential spam; however, Jack’s friend who was also using Defensio did not.

Defensio includes capabilities for keeping an eye on non-Facebook web properties, such as blog contents; however, I am focusing this post on its Facebook-related features.

Defensio for the Enterprise?

Defensio is free for personal use, and is also available for a fee for organizations wishing to deploy it for up to 2,000 employees. However, I am unclear about the extent to which the enterprise would have centralized control over the employees’ Facebook activities. (See update from Websense below.)

I’d like to see the ability to enforce the organization’s social networking policies using a Facebook app, which would work even if the employee is accessing the social networking site from outside of the corporate network. This makes sense from a commercialization perspective, and we will probably see a number of products emerge in this category.

Update: Dan Hubbard, CTO of Websense at the time of the product’s unveiling, clarified the nature of Defensio’s commercial offering. The commercial versions of the product are designed for companies that wish to protect their corporate presence on Facebook. In contrast, the free offering is for individuals wishing to protect their personal Facebook accounts. Dan also mentioned that Websense positions its Security Gateway Anywhere product for protecting employees’ web activities. In this case, “all traffic is routed through our gateway locally or in the cloud and protects the users from connecting to the sites posted within Facebook and other 2.0 platforms.”


About the Author

Lenny Zeltser is a seasoned business and technology leader with extensive information security experience. He builds innovative endpoint defense solutions as VP of Products at Minerva. He also trains incident response and digital forensics professionals at SANS Institute. Lenny frequently speaks at industry events, writes articles and has co-authored books. He has earned the prestigious GIAC Security Expert designation, has an MBA from MIT Sloan and a Computer Science degree from the University of Pennsylvania.
