* [Blog](https://www.paloaltonetworks.com.au/blog)
* [Palo Alto Networks](https://www.paloaltonetworks.com.au/blog/corporate/)
* [Uncategorized](https://www.paloaltonetworks.com.au/blog/category/uncategorized/)
* OMG! Facebook Users are V...

# OMG! Facebook Users are Voyeurs!

[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.paloaltonetworks.com.au%2Fblog%2F2010%2F10%2Fomg-facebook-users-are-voyeurs%2F)  
[](https://twitter.com/share?text=OMG%21+Facebook+Users+are+Voyeurs%21&url=https%3A%2F%2Fwww.paloaltonetworks.com.au%2Fblog%2F2010%2F10%2Fomg-facebook-users-are-voyeurs%2F)  
[](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.paloaltonetworks.com.au%2Fblog%2F2010%2F10%2Fomg-facebook-users-are-voyeurs%2F&title=OMG%21+Facebook+Users+are+Voyeurs%21&summary=&source=)  
[](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www.paloaltonetworks.com.au/blog/2010/10/omg-facebook-users-are-voyeurs/&ts=markdown)  
\[\](mailto:?subject=OMG! Facebook Users are Voyeurs!)  
Link copied  
By [Matt Keil](https://www.paloaltonetworks.com/blog/author/matt/?ts=markdown "Posts by Matt Keil")  
Oct 28, 2010  
5 minutes  
[Uncategorized](https://www.paloaltonetworks.com/blog/category/uncategorized/?ts=markdown)  
[application control](https://www.paloaltonetworks.com/blog/tag/application-control/?ts=markdown)  
[application usage \& risk report](https://www.paloaltonetworks.com/blog/tag/application-usage-risk-report/?ts=markdown)  
[social networking](https://www.paloaltonetworks.com/blog/tag/social-networking/?ts=markdown)

The latest Application Usage and Risk Report shows that when at work, Facebook users exhibit passive, voyeuristic usage patterns as opposed to a more active game playing or posting usage pattern. This activity pattern indicates that the "productivity loss associated with games or posting" is somewhat overblown. Inbound and outbound security risks DO exist, however, a non-productive employee is just that, non-productive; social networking is just one of the tools used to avoid work.

[](http://www.paloaltonetworks.com/researchcenter/wp-content/uploads/2010/10/voyeurs_small.jpg)  
[![Facebook users tend to watch, not post or play games.](https://www.paloaltonetworks.com/researchcenter/wp-content/uploads/2010/10/voyeurs_small.jpg "voyeurs_small")](http://www.paloaltonetworks.com/researchcenter/wp-content/uploads/2010/10/voyeurs_small.jpg)

Categorically, an average of 5 different social networking applications (out of 51 total) were found in 95% of the 723 participating organizations. Facebook was the most commonly found at 96%. This near ubiquitous use of social networking contradicts the recent surveys touted in the press that show 50% or more of the organizations are blocking these applications. A 46% discrepancy far outside the margin of error and demonstrates the value of network analysis (reality) and survey data (perception).

Looking more closely at Facebook, shows the sheer dominance of Facebook. The four unique applications (Facebook, Facebook Posting, Facebook Apps and Facebook Social Plugins) consumed 78% of the total social networking bandwidth (3.9 TB). The remaining top four (Twitter, Stumbleupon, Linkedin and Myspace consumed a mere 7% with the remaining 43 social networking applications were left to share the remaining 15% (1.1 TB) of bandwidth. Pretty dominant don't you think?
[![Most frequently detected social networking applications and the bandwidth consumed.](https://www.paloaltonetworks.com/researchcenter/wp-content/uploads/2010/10/blog_socializing_small4.jpg "blog_socializing_small")](http://www.paloaltonetworks.com/researchcenter/wp-content/uploads/2010/10/blog_socializing_small4.jpg) Most frequently detected social networking applications and the bandwidth consumed.

A more in-depth analysts of the Facebook specific traffic indicates that users are:

* Voyeuristic: While at work, users like to watch, which means that they are not playing games of posting furiously, which weakens the "lost productivity" argument against Facebook dramatically. The traffic patterns strongly suggest that Facebook users login to their wall, and keep it running all day, regardless of whether they are actually watching. This pattern is no different than opening an instant messaging application, or an email application and leaving it open all day. Make no mistake, there are other business and security risks associated with watching, but the potential productivity loss is small.
* Playing games less than originally thought: Comparatively speaking, Facebook Apps (games) represents a scant 4% of the traffic.
* Posting only occasionally: Facebook Posting represents an even smaller 1% of the traffic, yet the small amount of use should not minimize the risks in terms of what users are saying about work related subjects such as current projects, travel plans, and company status.

**A Hidden Risk: Next-Gen Social Engineering?**  
Social networking application usage and adoption rates have accelerated to unprecedented levels with much of the growth driven by Facebook. The broadcast nature of the social networking distribution model represents significant outbound risks in terms of what a user says about the company, their projects, their travel plans, or company status on their social networking pages. An article earlier this week on [SecureList highlights](http://www.securelist.com/en/blog/303/Do_You_Know_Whos_Really_Viewing_Your_Facebook_Profile) a real world example of how cyber criminals can gather information about you.

Far more detail on social engineering 2.0 is included in the [2010 Verizon Data Breach Report](http://www.verizonbusiness.com/resources/reports/rp_2010-data-breach-report_en_xg.pdf). The report discusses how attackers patiently collected information on their targets, taking any length of time to collect the desired data points using a combination of traditional social engineering techniques, updated for today's web 2.0 world. Social networking sites can help uncover corporate roles or answers to security questions (names of pets, celebratory dates, favorite sports teams). Hijacked social networking user credentials can be used to convince a user to click on a URL with embedded malware, thinking it was from a friend. The malware in turn collects data such as user names and passwords that is used to help achieve the objectives. Additional examples provided by the Shadow Server Foundation in their report, [Shadows in the Cloud: Investigating Espionage 2.0](http://www.nartv.org/mirror/shadows-in-the-cloud.pdf), describes how attackers were able to compromise nearly 1,300 computers in 103 countries by convincing users to click a URL, download a document, presentation, or PDF file that has been sent by (supposed) friends or acquaintances.

**What to do?**

As each week goes by, Facebook is being viewed as an integral business component as opposed to the previous view of nuisance and waste of time. A perfect example is the recent announcement by Delta Airlines that they would be enabling reservations via their Facebook page. Another example is the US Army and their use of Facebook as another element in their recruitment efforts. The challenge that many security professionals are faced with is the fact that the rapid growth has caught everyone by surprise and the traditional, security best-practices response to surprises is try and block or control them while policies are developed and implemented. The challenge of course is the plain fact that speed of adoption and caution do work well together.

Like any application that is brought into the enterprise by end-users, blindly allowing Facebook may result in propagation of threats, loss of data and damage to the corporate reputation. Blindly blocking is also an inappropriate response because it may play an important role in the business, and may force users to find alternative means of accessing Facebook (proxies, circumvention tools, remote access, etc.). Organizations should follow a systematic process to develop, enable and enforce appropriate Facebook usage policies while protecting network resources.

*** ** * ** ***

## Related Blogs

### [AI and Cybersecurity](https://www.paloaltonetworks.com/blog/security-operations/category/ai-and-cybersecurity/?ts=markdown), [Automation of the Week](https://www.paloaltonetworks.com/blog/security-operations/category/automation-of-the-week/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown), [Uncategorized](https://www.paloaltonetworks.com/blog/category/uncategorized/?ts=markdown)

[#### A Day in the Life with Your AgentiX Automation Engineer Agent](https://www.paloaltonetworks.com.au/blog/security-operations/a-day-in-the-life-with-your-agentix-automation-engineer-agent/)

### [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown), [Uncategorized](https://www.paloaltonetworks.com/blog/category/uncategorized/?ts=markdown)

[#### Beyond the Cloud Dashboard: Exposure Management Requires Full-Scope Visibility and Real Action](https://www.paloaltonetworks.com.au/blog/security-operations/beyond-the-cloud-dashboard-exposure-management-requires-full-scope-visibility-and-real-action/)

### [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown), [Uncategorized](https://www.paloaltonetworks.com/blog/category/uncategorized/?ts=markdown)

[#### From ILOVEYOU to AI Defenders -- 25 Years of Email Evolution](https://www.paloaltonetworks.com.au/blog/security-operations/from-iloveyou-to-ai-defenders-25-years-of-email-evolution/)

### [AI Security](https://www.paloaltonetworks.com/blog/category/ai-security/?ts=markdown), [Uncategorized](https://www.paloaltonetworks.com/blog/category/uncategorized/?ts=markdown)

[#### The 3Cs of AI Red Teaming: Comprehensive, Contextual \& Continuous](https://www.paloaltonetworks.com.au/blog/network-security/the-3cs-of-ai-red-teaming-comprehensive-contextual-continuous/)

### [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [Uncategorized](https://www.paloaltonetworks.com/blog/category/uncategorized/?ts=markdown)

[#### Securing Shadow AI with Cortex Xpanse](https://www.paloaltonetworks.com.au/blog/security-operations/securing-shadow-ai-with-cortex-xpanse/)

### [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown), [Uncategorized](https://www.paloaltonetworks.com/blog/category/uncategorized/?ts=markdown)

[#### SIEM Replacement Made Easy (Yes, Really!)](https://www.paloaltonetworks.com.au/blog/security-operations/siem-replacement-made-easy-yes-really/)

### Subscribe to the Blog!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
![spinner](https://www.paloaltonetworks.com.au/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up  
Please enter a valid email.  
By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
{#footer} {#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language