Use alternative emails
Summary
The employees must not use corporate emails to register accounts on social networks (even on +LinkedIn+).
Description
Corporate email addresses are valuable targets for phishing and social engineering attacks. Registering corporate email addresses on social networks may expose employees to targeted phishing attempts or attempts to impersonate them for malicious purposes.
Supported In
This requirement is verified in following services
Plan | Supported |
---|---|
Essential | 🔴 |
Advanced | 🟢 |
References
- NIST 800-53-PL-4_1. Social media and external site/applications usage restrictions
- FISMA-PL-4_1. Social media and external site/applications usage restrictions
free trial
Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.