Energy Company Uses Location-Based Social Media to Improve Corporate Security

Detecting Social Media Exposure at Secure Locations

Social media posts should never be attributed to secure facilities and areas where security polices forbid the use of social media. Secondly, threat actors are very interested in gathering insight into what organizational or personal vulnerabilities can be exploited. Location-based social media dramatically increases physical and cyber risk in a multitude of ways.

Using DigitalStakeout Scout, a corporate security analyst of an energy company identifies social media content posted around the company’s critical infrastructure. The analyst discovers a picture posting containing one of the company’s critical site locations. Through additional follow up, the analyst determines the photograph was taken from within a secured area. The energy company acted immediately; deploying personnel to the general location of where the photograph was taken in order assess physical security risk and prevent a future exposure.

Energy Company Monitors Critical Sites for Location-Based Social Media

Using DigitalStakeout Scout location-based monitors each of the company’s critical infrastructure sites were monitored for any geo-tagged social media or web content in proximity to the locations. Any occurrence of a geo-enabled post at a secure sites would trigger an alert.

Threat Analyst Reviews for Potential Exposure

After being alerted to a geo-enabled post coming from a critical site, the analyst quickly able to review the content and attached image to determine if the post created an exposure. The analyst was also able to quickly review for posts inside the geo-fence to determine if there was additional exposure present.

Using Location-based Social Media Monitoring A Physical Risk is Mitigated

The company has real-time situational awareness of where and how social media is being used at critical locations. This enables security personal to align other physical controls, reviews and training to improve organizational OPSEC and the security resiliency at critical sites.