Search Slyck  
Study: Corporate Networks Unprepared to Face IM or P2P Threats
March 24, 2005
Thomas Mennecke
Font Bigger Font Smaller
The modern conveniences of the Internet have rightly found themselves a home in most corporate networks. Businesses have embraced and adapted mediums such as email, user forums, Intranet sites, etc. In addition, more recent advances such as Instant Messaging (IM) and Peer2Peer (P2P) have also found their way into the work environment. However unlike email, a new study shows that nearly half of all business networks have no security policy for P2P or IM use.

The study, conducted by SurfControl plc, surveyed 7,593 IT personnel regarding their Internet based communication policys. From those surveyed, over 90% had an Internet access policy, while 49% stated there was no policy regarding IM and P2P applications.

This means nearly half of those surveyed potentially have hundreds of employees randomly downloading various IM and P2P applications. Although more computer savvy individuals may know what P2P applications to stay away from, the fact that FastTrack still has over 2 million users speaks volumes.

Unfortunately, a few bad P2P apples, such as Kazaa and Grokster, have given other applications a poor reputation. The fact that FastTrack remains a large network has misled many individuals into thinking it also a resourceful network. The result? Countless individuals are downloading this software and placing their company's network at risk.

Unlike most other P2P applications, Kazaa and Grokster are notorious for bundled spyware and adware. Worse yet, both these applications connect to the FastTrack network. According to a recent study, approximately half of all files on this network are in some way corrupt. This leads to the very real possibility an individual may accidentally download and install a virus or trojan. In addition, the improper sharing of files may also lead to exposed corporate information. The cost of repairing a damaged corporate network can run into the hundreds of thousands of dollars.

The situation with IM is not much better. Although most major IM software such as AOL or ICQ is relatively benign, it lacks the security that most corporations need. When corporate networks use AOL or ICQ as their primary IM tool, they potentially leave themselves open to eavesdropping, viruses and other serious security vulnerabilities.

The study found one interesting twist of irony. Despite the lack of policies regarding IM and P2P, 83% of all respondents ranked confidential data protection as a top security concern.

This story is filed in these Slyck News categories
Technology News :: Security

You can read the press release here.

You can discuss this article here - 3 replies

© 2001-2019