Modernizing Authentication — What It Takes to Transform Secure Access
''Whatever IT has been doing to date to warn against this, hasn't been sufficient,'' says Gordon Haff, an analyst with Illuminata, an industry analyst firm based in Nashua, N.H. ''Perhaps warnings haven't been explicit enough. Perhaps more technical approaches are needed since it seems you can't depend on individuals doing what they're told.''
And the numbers back up the analysts' warnings that Peer-to-Peer (P2P) applications are still plaguing corporate networks, clogging up bandwidth, slowing employee productivity and leaving companies wide open to myriad lawsuits.
AssetMetrix Research Labs, an IT asset analyst firm based in Ottawa, Canada, reports today that a recent study found that P2P applications were found in 77 percent of all companies. The report also notes that some companies have P2P applications on as many as 58 percent of their PCs, and no company with more than 500 PCs was found to be P2P free.
AssetMetrix' report also notes that a company with 1,000 PCs may have more than 80 users of P2P applications, with hundreds of Gigabytes of downloaded and potentially copyright-infringing music, movies and software.
''Everybody is doing it and it's a huge risk,'' says Dan Woolley, a vice president at network security company SilentRunner. ''They don't have the high-speed networks at home, so they do it at lunch or when the boss is away. You can find a lot of people spending a lot of time downloading things from the Web.''
And Woolley adds that it's an issue of lost productivity, copyright violations and wasted bandwidth. And if employees are downloading pornography, it raises sexual harassment issues.
''How many people never use the office telephone to call home,'' says Woolley. ''People don't look at it as abusing corporate resources but they're tying up the network.''
Woolley and Haff agree that it's long past time for companies to set up strict policies about using P2P applications for non-work-related activities, and for Internet usage in general. They also recommend making sure employees are educated about the problems they can cause the company, as well as about the policies in place and the punishments related to them. And they also recommend installing software that block ports or scan PCs to keep P2P applications off the corporate network.
''You would have thought the word would have gotten out a bit better by now,'' says Haff. ''If the usage is as widespread as it appears, then this is a real problem.''