New way workers open the door to security threats
July 17, 2009 by Sam NarisiPosted in: In this week's e-newsletter, Latest News & Views, Regulations & Compliance
Do employees in your company use office computers to download music and video files? If so, they may be putting the organization at serious risk of data theft.
Music is often downloaded through “peer-to-peer” (P2P) file sharing networks. Instead of accessing the files from a central location, people use software to connect directly with each other and share the information.
Millions of people use that software every day – and 15% of employees admit to doing it at work, according to a recent survey by the Information Systems Audit and Control Organization.
What are the risks? Here are some threats associated with P2P file-sharing that companies need to be aware of:
- Viruses - Since users download from each other rather than a central, organized location, the possibility of downloading a file infected with a virus is much higher.
- Data leakage - Using a P2P sharing program means other users can download files off of the employee’s computer – and that may include confidential corporate documents.
- Spyware - Free downloading programs often install other applications on the user’s machine, including so-called “spyware” that steals information off of the computer.
The solution: Work with HR to develop a policy against downloading unauthorized programs and monitor the network even more closely for dangerous activity.
DocuCrunch.com delivers the latest IT and Imaging news once a week to the inboxes of over 200,000 IT and Imaging professionals.
Click here to sign up and start your FREE subscription to DocuCrunch!
Tags: document security, P2P, peer-to-peer
Loading ...
July 17th, 2009 at 7:20 am
David Scott, author of I.T. WARS, believes these data breaches and thefts are largely due to a lagging business culture. Google “I.T. WARS” and you can read a good bit of it on Google Books – it’s also in many libraries. Read some fresh and original thinking here – http://www.businessforum.com/DScott_02.html – I urge every business person and IT person, management (IT Governance) or staff, to get hold of a copy of “I.T. Wars: Managing the Business-Technology Weave in the New Millennium.” It has an excellent chapter on security, and how to scale security for any organization, any budget. It also has a plan template with all considerations. Our CEO has read this book. Our project managers are on their second reading. Our vendors are required to read it (they can borrow our copies if they don’t want to purchase it). Any agencies that wish to partner with us: We ask that they read it. Do yourself a favor and read this book – then ask your boss to read it – then ask your staff and co-workers to read it.