Guest blogger Michael Argast, director of global sales engineering at Sophos, discusses the dangers of unauthorised peer-to-peer file-sharing technology inside businesses, and what companies can do to control the threat. Over to you Michael..
|Want to know why Michael looks like a zombie?|
The recent discovery of Marine 1’s technical specifications on a Iranian computer should remind people of the importance of securing sensitive information properly.
Peer-to-peer file sharing applications are extremely popular ways for people to pirate music and movies, and in almost all cases are not suitable for work use. Many have default configurations that will scan your entire hard drive for media files and share them automatically, resulting in accidental leakage.
In the past, nuclear plant secrets, confidential patient records and more have been lost by this gaping hole.
Stopping peer-to-peer is difficult at the gateway – many such applications are specifically designed to get around and bypass gateway filters, but stopping it at the endpoint is one effective technique.
The same technology applied to stopping malware can prevent P2P applications from being installed or running on machines, client firewalls can restrict outbound communications, and compliance tools like NAC can prevent any machine running P2P from accessing the network.
I’m certain the government contractors that leaked Marine 1’s specs wished they had done something like this – make sure your organization’s confidential data isn’t compromised in the same way.
Disk and file encryption, DLP and general anti-malware technologies are other tools at your organization’s disposal to make sure you don’t end suffering a “CNN moment” due to some stupid move.
Don’t let someone eager to get a free pirated copy of “Iron Man”,in order to check out the latest in sci-fi war technology, compromise the security of your real-world assets.