Almost three years ago, Erado embarked on developing a social media compliance solution. Utilizing proxies was in consideration because from a developer’s perspective, it had its advantages. They are easier to build, are controlled by the company, and have the ability to block or restrict access to content and services. These statements are based on proven technology from the last millennium and have served us well. With that in mind, Erado worked on developing a social media proxy solution similar to that of our competitors.
Along the way, we hit a light bulb moment. We discovered something called mobile, the cloud, and the proliferation of social media applications (Facebook, Twitter, LinkedIn, YouTube, etc.) in just about every internet connected device. It changed our way of thinking. This made us wonder how many connected devices each employee at Erado owns, and the number of devices our clients own. On average, the answer was three. How are we going to make sure these devices are connected through our proxies? We’ve realized that there are multiple problems, and they are a thing of the past. We’ve discovered its flaws and why the proxy approach doesn’t work.
Pre-review via Proxies
Pre-review of social media content relies on proxies, and proxies work well when it’s inside a company’s network. The problem with accessing social media sites from multiple devices have virtually the same problem. Control. Proxies also present multiple deployment, management, and security issues.
On-premise Servers
With an on-premise server solution, the compliance department will need to provide VPNs to remote users that allow reps to connect to the company’s network. This is a great way to control their social media content internally, but the downside is, multiple VPNs for all devices will need to be provided. Various appliances include desktop PCs, laptops, cell phones, tablets, iPads, and iPods. With technology’s new day and age, household electronics such as the Xbox, Bluray DVD player, and Wifi enabled flatscreen TV are able to connect to Facebook and Twitter. VPNs can’t be provided for these devices, and the end-user will have to remember to turn on and off the VPN.
If the end-user fails to turn on the VPN, content can’t be previewed, thus having no control. If the end-user fails to turn off the VPN, unwanted or unauthorized content may be captured from another user with access to the device. Who is responsible for providing, managing, and making sure the end-user has a VPN on all their internet capable devices?
Software-based Proxies
Software-based proxies have additional control issues. For example, there is no way to load the software on an iPhone, iPad or iPod, without the end-user jailbreaking their device. Proxy software disrupts the devices location based services on Apple devices, and jailbreaking an Apple device voids its warranty. The issue of the end-user remembering to turn on and off the software also arises. There is no control and no way to pre-review content prior to posting if the end-user forgets, or doesn’t turn on the software. Unauthorized content could be captured if another person had access to the device. Software can’t be loaded onto the devices mentioned earlier (Xbox, Bluray, DVD player, Wifi flatscreen TV). Who is responsible for making sure the software is loaded on every internet capable device the end-user has?
Browser-based Services (PAC files)
Browser-based services have issues of their own. My desktop and laptop has three browsers (Explorer, Firefox, Safari, Google Chrome), and my cell phone and iPad has two browsers. From an industry standpoint, in order to pre-review content using the browser-based services, PAC files must be loaded into all browsers on all devices. There’s that option, or there needs to be management making sure the reps only access social media accounts through a browser with the PAC file loaded. PAC files can’t be loaded on a Xbox, Bluray DVD player or TV because there are no browsers.
What if the end-user is on vacation and accesses their Facebook from an internet cafe because their cell phone doesn’t have service? Another question to keep asking youself is who is responsible for making sure these PAC files are loaded in every browser, on every internet capable device?
Browser-based Services (Portal)
This approach is unique and has one major flaw. Why access social media sites on a desktop or laptop when Facebook and Twitter apps are conveniently installed on most devices? What if the rep forgets, or chooses not to enter their social media site through this portal? How would this be managed? Since the Xbox, Bluray DVD player, and TV have no browsers, there is no way to enter through a portal. These access points can’t be controlled, therefore browser-based service portals don’t work.
When it comes to the three Ds of compliance, “Define your policy, deploy your policy, and defend your policy,” you can’t deploy or defend policy that can’t be controlled. Proxies lack control of deployment, management, and security. Ultimately, these are the major problems with proxies from a compliance standpoint, which is why we choose not to use them.
