Date

By Source

By Technology

By Services

By Audience

Displaying 9421 to 9450 of 9936

Online file transfer – the next P2P?

ANALYSIS – In recent months, new online file transfer and storage applications have popped up with increasing frequency and the latest, Docstoc makes concerted efforts to simplify the upload process by installing an applet on your desktop. Docstoc differentiates itself by claiming that they want to be the Youtube of professional documents – a place where you can find template NDAs, privacy statements and so on. Moving large files around can be painful and file sizes show no signs of getting smaller – video, graphics images, etc are all conspiring …

Matt Keil,
  • 0
  • 0

P2P Networks: A Treasure Trove of Data

ANALYSIS – Music and video are not the only things you can find on P2P networks. Sure, everyone has heard about the massive loss of employee data caused by P2P usage but what about the less publicized loss of personal documents, billing information, and corporate IP? In this InformationWeek article, the author tests P2P networks for himself, searching the popular P2P networks for file types other than music and videos. The author was able to find personal information, court proceedings, billing data, social security numbers and intellectual property with seemingly …

Matt Keil,
  • 0
  • 0

What is this application and what should I do with it?

The rapid evolution of the application landscape has security administrators scrambling to determine which applications are traversing the network and how they should treat them. More and more applications, both business and end-user oriented, are using evasive tactics to bypass detection. Whether it is a virus update using port 80 (but not HTTP) or a more nefarious application that uses SSL or hops from port to port, the task of controlling applications and protecting the network has become a daunting one. To enable a more prudent decision making process on …

Matt Keil,
  • 0
  • 0

File Sharing Sites On the Rise

ALERT – FileDropper is yet another online file sharing site that allows users to upload files, in this case, up to 5 GB to a site and receive a URL which they can send to anyone. Joining the many other file sharing sites like Megaupload, RapidShare and MediaMax, these applications are filling the need for users who want to share big files and have no way to do so. Want to share a video with a friend, this is a great way to do it. Want to post a customer …

Matt Keil,
  • 0
  • 0

Taking a Page From the Google Playbook?

ANALYSIS – This SearchSecurity.com article on Tor (The Onion Router) tries to build a case for using TOR within a corporate environment and in fact have come out with a feature to disguise the use of TOR itself. For those who are unaware, TOR, developed by Roger Dingledine and Nick Mathewson with sponsorship from the US military, is an encrypted anonymizer. Load it on your PC and you pass right through the corporate firewall in an encrypted (proprietary) tunnel. Few if any legitimate use cases for TOR within a corporate …

Matt Keil,
  • 0
  • 0

Be Afraid. Be Very, Very Afraid.

ANALYSIS – A great article in CIO magazine that highlights nine consumer technologies that CIOs should be scared of (VoIP clients, web-based productivity tools, digital cameras, remote online storage, smart-phones, and social networking, IM, consumer email, Portable storage). With six out of nine technologies being applications, the article highlights the fact that CIOs are aware that these applications are (or may be) on their networks and that their presence places the company network at risk, be it a compliance, data loss, business continuity or operational perspective. Interestingly, all of the …

Matt Keil,
  • 0
  • 0

Once You Check In, You Can’t Check Out

ANALYSIS – Just in case you did not have a good reason to stay away from social networking sites, this article from the NY Times should provide one for you. Or at least it will make you think twice about joining and what gets posted. The article outlines the (difficult) process that users must go through to break free from the Facebook clutches. The ramifications of the relative permanence of the data posted may not worry the social users (although it should), but corporations should definitely take notice. Particularly as …

Matt Keil,
  • 0
  • 0

Could it be Just a Matter of Time?

ANALYSIS – While not quite as blunt as earlier articles (InfoWorld), the message that Google is relaying to IT departments in this WSJ Online article is this—resistance is futile—our applications will be on your network whether you like it or not. The latest salvo comes in the form of a new version of Google Apps that allows sharing of docs with others based on the company email addresses. And when critical mass is achieved, then IT will be forced to succumb. The security risks with this approach are many. Is …

Matt Keil,
  • 0
  • 0

What’s Leaking Through Your Webmail Account?

ANALYSIS – This article is a perfect example of why enterprise organizations should take a close look at their policies on use of webmail accounts. More and more employees rely on their personal email accounts to keep in touch with the outside world even during work hours and because many of these webmail applications are easier to use from remote locations than Outlook, it is not uncommon for work related traffic to flow across personal email accounts. A risky combination to be sure making the chances of data loss and …

Matt Keil,
  • 0
  • 0

When is Facebook Considered an Enterprise Application?

ANALYSIS – This Network World article raises an interesting question. And the answer is Facebook and other web 2.0 applications, can be considered enterprise applications when they are used internally as collaboration, education, and recruiting tools. This trend makes perfect sense for several reasons. First off, new employees are using these tools now and why not leverage that fact to attract the best talent. Plus, when new employees are hired, they will no doubt continue to use these applications and in fact will view it as acceptable work-hours activity. Finally …

Matt Keil,
  • 0
  • 0

If It Works Here, It’ll Work Everywhere

ANALYSIS – As more and more schools look to gain visibility into the use of peer-to-peer (P2P) and other applications running on their networks, UC Santa Cruz, arguably one of the more liberal and vocal members of the UC system, has implemented P2P control policies. Maybe they figured if it works here, they can implement across the UC system? Whatever the thought process, the students are rebelling to the point that a mechanism to bypass the control mechanism has been published. Universities in general are between a rock and a …

Matt Keil,
  • 0
  • 0

A Deal With the Devil?

ANALYSIS – This article is downright humorous. Here we have two networking companies, each with security products or at a minimum, security features, who have indirectly endorsed the same application category (P2P) that has been the source of some of the largest data leakage incidents in recent times. Granted, the software was not the direct cause of the leaks, the user had some involvement. And yes, some of the P2P applications are now being used for legitimate commercial purposes, but doesn’t the mere fact that these companies endorse the technology …

Matt Keil,
  • 0
  • 0

Web Site, Application or Both – Threats related to Facebook are Increasing

ALERT – A new threat on Facebook that tricks a user to download spyware is the latest threat to show up on social networking sites such as Facebook and it raises an interesting dilemma for security practitioners. How should Facebook be treated when it comes to security policies: as a web site, as an application, or both? Clearly it is a web site but now that the “Facebook platform” features are available allowing applets, widgets and applications to be created for it, how will the security policy protect the network? …

Matt Keil,
  • 0
  • 0

LimeWire Claims: We’re #1!

ANALYSIS – This article highlights the fact that even with the negative publicity, the risk of lawsuit or loss of personal information, P2P applications remain extremely popular. The application is supposedly installed on 36.4% of all PCs -approximately 1.66 million desktops worldwide, making it the current leader in P2P market share. Interestingly, the article also points out that LimeWire is the target of an RIAA lawsuit, which is an ironic twist to the positive nature of the article. Hopefully, every user has taken care to configure the P2P application correctly …

Matt Keil,
  • 0
  • 0

To Blog or Not to Blog

ALERT – Blog. At least that is what more and more people are turning to when they want to express themselves. As with most applications, blogging is not inherently bad. However, it makes sense to have a clear blogging policy. There are many potential reasons to have an explicit blogging policy — ranging from avoiding employee productivity drain to protection of trade secrets to avoiding violations of securities laws. Regardless of the policy or reasons for it, PAN-OS can help identify and control the blog posting activity within the enterprise. …

Matt Keil,
  • 0
  • 0

Do End Users Read the Privacy Statements?

ANALYSIS – Google Desktop is one of those applications that can be seen as a productivity tool by end-users and a huge security hole by security experts. This CSO article outlines how Google Desktop works and some of the potential ramifications of the indexing and search functions if not configured correctly. More interesting is the Google privacy statement which outlines how it will use the data that is collected. Which leads one to ask, do those who download and use Google desktop read these documents and if so, do they …

Matt Keil,
  • 0
  • 0

Comcast wants to block BitTorrent… How about you?

ANALYSIS – Comcast, the Internet Service Provider, has allegedly been throttling traffic for subscribers who are using peer-to-peer (p2p) applications such as BitTorrent. Comcast has justified this action by claiming BitTorrent and p2p applications are most well known for sharing music files, movies, videos, and software applications, with most of the files being shared illegally. This blanket stance does not take into consideration the legitimate p2p uses: Legally sharing large files that aren’t copyrighted. Commercial uses such as BitTorrent’s DNA service that is a fee-based streaming video service and Valve …

Matt Keil,
  • 0
  • 0

Another Subtle Reminder on the Risks of P2P…

ANALYSIS – In this Wall Street Journal article, the author does a great job of highlighting the hidden risks of P2P applications. With more than 450 Million copies of P2P software deployed, 12 million of which are in use (online) at any given time, the risk of inadvertent sharing of files remains high. The article focuses on sharing of personal files, such as tax return docs and so on, neglecting to touch on the very real and significant risk of inadvertent sharing of corporate Intellectual Property. The risk of inadvertent …

Matt Keil,
  • 0
  • 0

Another Large Enterprise Sees the Web 2.0 Light…

ANALYSIS – This Network Computing article highlights how T. Rowe Price has embraced Web 2.0 technologies to enable more effective information gathering and sharing. Using wikis, discussion software and instant messaging, T. Rowe Price is reaping the benefits of information sharing, although not without some challenges – mainly resistance to change. One aspect that was absent is in the article is what they are doing to ensure that the network is kept secure, a key consideration, given that many of the applications in use may not be visible to the …

Matt Keil,
  • 0
  • 0

Can Users Be Trusted to Do the Right Thing?

ANALYSIS – An interesting Dark Reading article on Software as a Service (SaaS) where the CTO of Google challenges enterprises to trust their users to do the right thing when it comes to application usage. And at the same time, stresses that appropriate security policies should be in place: Communication and trust are key to building a secure SaaS infrastructure, according to Glotzbach. “As you look at Web-based applications, you have to have the [security] policies in place that have been clearly communicated,” he said. “But to some extent you …

Matt Keil,
  • 0
  • 0

WeBot Can Turn Any PC into a Streaming Media Server

ALERT – WeBot is an application that turns your computer into a streaming media server. WeBot allows users to gain real-time access to their digital media files at home via an Internet enabled computer. In addition to providing immediate access from an Internet enabled computer, WeBot even makes it possible to stream music and pictures directly to an iPhone which prevents the need for syncing and filling up limited iPhone memory. WeBot is currently in beta, but the desktop application already supports Windows XP, Vista, Mac OS X, with a …

Alfred Lee,
  • 0
  • 0

Joost Opens 1.0 Beta

ALERT – The wait is over… No longer do users need a precious invitation to join the closed Joost beta to experience IPTV at its best. Joost has recently opened their 1.0 beta to the public. Enhancements include a slightly revised user interface and open API for 3rd party widget development. Joost has differentiated themselves from other online content providers in both delivery and quality of content. By using a peer-to-peer distributed streaming model to deliver video content, as opposed to relying on a central server, Joost is able to …

Mike,
  • 0
  • 1

P2P Strikes Again!

ALERT – Peer-to-peer (P2P) software continues to cause security risks for users and corporate networks with private data being accidentally shared across file sharing networks. ABN Amro (CitiGroup-owned mortgage company) recently reported that a former employee had exposed a couple of spreadsheets with 5,000+ social security numbers and other private customer information. A data-leakage protection services company traced the source of the ABN Amro data to a computer with BearShare file sharing software installed on it. BearShare is a P2P file sharing application that originally provided support for the Gnutella …

Matt Keil,
  • 0
  • 0

Meebo Adds File Sharing Service

ALERT – Meebo, the web-based instant messaging service, has now added a file transfer feature that allows users to share files with IM contacts regardless of which IM network they are on. Utilizing Amazon’s S3 (Simple Storage Service), Meebo provides a 2-step file transfer process. When users upload a file with Meebo it is sent to Amazon’s S3, Meebo then sends a link to the file back to the receiver. The receiver has 4 hours to download it before the file expires. Initially, Meebo has limited the file transfer to …

Matt Keil,
  • 0
  • 0

Fake Tor Application Helps Storm Worm Spread

ALERT – Capitalizing on user fears of hackers capturing and viewing their internet traffic, the Storm worm’s latest propagation method uses spam email with the subject line “Careful, you.re being watched.” to suggest that users download an application called Tor to provide safety and anonymity in surfing the web. However, when users click on the link to download the Tor file, they are actually downloading malware assumed to be more copies of the Storm worm. Storm worm-infected computers are turned into bots or zombie computers which listen for commands from …

Matt Keil,
  • 0
  • 0

Is there an Elephant in the Room?

ANALYSIS – In this Network World article, the author raises the topic of what is really going through port 80 on most firewalls. Sure, visits to Yahoo, Google, and the other millions of web site destinations is dutifully following the guidelines around port usage. But does everyone know how many other applications are also using port 80? Almost every one of the 30 odd Instant Messaging applications will pop through port 80 if the default ports are blocked. Google Talk is yet another example. With the web now a key …

Matt Keil,
  • 0
  • 0

Yet Another Reason To Block P2P?

ANALYSIS – This article shows how hackers can add insult to injury by releasing a Trojan that laughs at you while it erases your files. Originally developed as part of the Usenix network, P2P has become a poster child for bad network behavior – bandwidth consuming, malware carrying, and easy to mis-configure. And this particularly nasty piece of malware only enforces the bad rap. Yet P2P can, and is used for positive, commercial purposes as evidenced by an ongoing stream of announcements from companies like Microsoft, which means that IT …

Matt Keil,
  • 0
  • 0

Web 2.0 Tools: Productivity Gain or Security Threat?

ANALYSIS – Two recent articles about web 2.0 tools present two very different views – productivity tool or a security threat. Clearly these tools are gaining significant visibility within enterprises as a means to quickly roll out new applications and technologies. The end result of course is to gain a competitive edge. But the speed with which the tools are developed, and possibly deployed raises the issue of security. Are they safe, can they be secured, what is at risk if they are compromised. Web 2.0-Style Mashups Making Major Inroads …

Matt Keil,
  • 0
  • 0

Google Desktop Can be a Wolf in Sheep’s Clothing

ALERT – Google Desktop has become popular in large part due to very painful desktop search functions in Windows. It is able to find documents and email very quickly and accurately. However, it has a feature that should probably be of considerable concern for enterprises. A feature called Search Across Computers ought to raise eyebrows. The feature uploads text versions of all indexed files to Google’s servers in order to allow users to find information they are looking for regardless of which computer they might be using at the time. …

Matt Keil,
  • 0
  • 0

Meebo Repeater: An Evasive Extension to an Already Evasive App

ALERT – If you are trying to control IM use and haven’t heard of Meebo, it is very likely your users have. Meebo’s purpose in life is to allow people to continue using IM even at companies that have a policy to block it. It is a web-based multi-protocol IM client that is accessed via HTTP or HTTPS. During early adoption, just being web-based was enough to get out of most networks. However, as administrators started blocking access to Meebo’s web servers, Meebo launched the Meebo Repeater – a repackaged …

Mike,
  • 0
  • 0
Displaying 9421 to 9450 of 9936