Congress looks to ban P2P file-sharing Customized Seattle Mariners Jersey , will companies follow suit? Technology Articles | January 20, 2010 Normal 0 false false false EN-US X-NONE X-NONE ...
Recently in the United States Congress Cheap Seattle Mariners Jersey , Representative Edolphus Towns of New York introduced a bill (HR 4098) to ban P2P file-sharing on US government, and government contractor computers. This bill was likely prompted by the reckless loss of sensitive government documents through P2P networks including information about the Joint Strike Fighter and Marine One.
Congressman Towns had sent a letter to the Attorney General and the CEO of Lime Corp at that time requesting information. I applaud Congressman Towns' actions and hope to see quick passage of something that seems so obvious... Computers containing sensitive government data have no need for file-sharing software, which is typically used for sharing music Randy Johnson Mariners Jersey , movies, and pirated software. I don't wish to demonize P2P, as I use it regularly to download Linux distributions and other legitimate content Ken Griffey Mariners Jersey , but the bill has a provision for authorized use where necessary.
What's interesting here is that by governmental standards they seem to be taking quick action to close this gaping hole in our national security. The bigger question is, what are you doing to ensure your sensitive corporate data, and the personally identifiable information of your staff and clients is protected against leakage via file-sharing networks?
In working with companies Jay Buhner Mariners Jersey , I find that most IT departments have a policy against the use of P2P programs in the workplace. Like with many other rules though it is not monitored and there is no enforcement mechanism available to prevent their use. In addition to using the integrated application control technology in Sophos Endpoint Security and Data Protection, administrators should look to how they handle sensitive data and their firewall configurations.
With the risk of client applications sending off sensitive data, users loading more and more portable applications that do not require administrative privileges to install Edgar Martinez Mariners Jersey , and the absolutely huge risk presented by websites being compromised (3.6 per second) our firewalls should be blocking all outbound ports from within our walls.
Sending email and browsing the web are the most common applications users need to use on business networks, and that traffic should be filtered at the edge. The network edge is the most common point for both data leakage and bots sending off stolen information to criminals who prey on our users. Appliance-based or gateway DLP solutions often are unable to look for content in the fragmented packets of P2P traffic, so another approach is necessary.
Another concern is why were these sensitive documents not encrypted? At a minimum simple file-based encryption would ensure accidental sharing would not compromise the secrecy of the stolen documents. Can you say the same for your critical data? I often recommend users not only encrypt their hard disks Felix Hernandez Mariners Jersey , but also ensure that extra sensitive information like personally identifiable information be file or folder encrypted as well. This way if the file is lost or stolen, at least it is no longer accessible to third parties.
Don't let your company react to the threat of P2P file-sharing and data leakage slower than the US government. Look to the technologies available to you and find a way of giving that P2P policy some teeth.