- Cool Yule Tools: 2008 Holiday Gift Guide
- 10 kitchen gadgets for the geek gourmet
- Google admits to violating iPhone development terms
- Smartphone smackdown: Storm vs. iPhone
- Google layoffs: 10,000 jobs being cut
Enterprise users are "actively and intentionally" evading IT security controls and ignoring acceptable use policies, according to Palo Alto Networks' first annual "Application Usage and Risk Report."
The recent survey results from Palo Alto, a firewall vendor, are based on traffic from 350,000 users in 20 organizations that span the financial services, manufacturing, healthcare, state/local government and healthcare industries.
The report highlights applications (not generally supported by enterprise IT) that employees are actively using, as well as the major risks associated with their use.
Among the findings:
-- External proxies that IT does not support, such as CGIProxy and KProxy, were present in 80 percent of the customer networks
-- Web-based file transfer and storage applications such as YouSendIt and MediaMax were detected in 30 percent of sites
-- Over 50 percent of applications using port 80 (the default port number for a web server) were not business related
-- Google applications were found in 60 percent of the sites using port 80
-- Web video and streaming audio consumed significant bandwidth on 100 percent and 95 percent of the sites sampled, respectively
-- Peer-to-peer file sharing applications were found on 90 percent of the sites
Associated risks include:
-- Data loss through unmonitored and/or unauthorized file transfers
-- Compliance violations, both with internal policies and external regulations
-- Business exposure from malware propagation or application vulnerability exploits
-- Operational cost increases due to higher bandwidth consumption and added IT expense
-- Lost productivity from excessive use of personal applications
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 The Leader in Network Knowledge© 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comments (3)
Kudos to Palo Alto Networks,By Anonymous on April 30, 2008, 2:17 pmKudos to Palo Alto Networks, a company that sells a firewall product -- for showing that firewalls don't do anything to secure or protect anything. With this...
Reply | Read entire comment
About "Go cry in your beer."By tuomoks on April 30, 2008, 1:19 amDear anonymous, I basically agree with your points, the world has changed. But "Go cry in your beer." doesn't help - people were (have always been and always will)...
Reply | Read entire comment
Numbers: Employees find ways to skirt enterprise securityBy Anonymous on April 29, 2008, 2:24 pmThis is news? And why shouldn't they, US companies have made it abundantly clear for decades that they feel no loyalty to their employees, they routinely pay...
Reply | Read entire comment
View all comments