The employees must not use corporate emails to register accounts on social networks (even on +LinkedIn+).
Corporate email addresses are valuable targets for phishing and social engineering attacks. Registering corporate email addresses on social networks may expose employees to targeted phishing attempts or attempts to impersonate them for malicious purposes.
This requirement is verified in following services
- NIST 800-53-PL-4_1. Social media and external site/applications usage restrictions
- FISMA-PL-4_1. Social media and external site/applications usage restrictions
Search for vulnerabilities in your apps for free with our automated security testing! Start your 21-day free trial and discover the benefits of our Continuous Hacking Machine Plan. If you prefer a full service that includes the expertise of our ethical hackers, don't hesitate to contact us for our Continuous Hacking Squad Plan.