In the last two newsletters, we’ve discussed the extent of network misuse by drawing from the findings of our recent survey of 321 IT professionals. Today, we’ll use the survey results to discuss the techniques that IT organizations are using to monitor and control network misuse and to give some insight into the fact that what is determined to be network misuse depends a lot on what company you work for.
To get some insight into this issue, we asked the survey respondents to indicate how they monitor for misuse. Roughly 40% indicated that they do not actively monitor for network misuse. We were disappointed with this result given the extent of the network misuse that is occurring along with the potential impact.
Approximately 55% indicated that they use a variety of somewhat informal techniques to monitor for network misuse. One example of this is having end users or managers report abuse. Another example is to identify misuse by exception; i.e., when troubleshooting a network problem. The respondents tended to use these techniques roughly equally at the headquarters and data center, as well as at remote sites.
In addition, more than 70% of respondents use multiple active measures to identify network misuse, including the use of content filtering, network monitoring systems, and firewalls or other security programs. However, the use of these measures varies widely based on the type of site. For example, more than three-quarters of the survey respondents use these techniques in a data center and roughly two-thirds use them in a headquarters site. However, less than half use the techniques in remote locations.
As mentioned, we also found that what is determined to be network misuse depends a lot on what company you work for. A good example of this is Internet radio. We talked to the infrastructure engineering manager for a large multinational who said that his organization had implemented very stringent measure to block this type of traffic. We also talked to a LAN/WAN manager at a U.S. manufacturing company who said his organization blocks traffic that could get the company in trouble; i.e., gambling, pornography and weapons. However, they do not block Internet radio. A network architect for a midsized high tech company carried this one step further. He said that his company is fast growing and high energy. As part of the culture there is free food in the cafeteria and a beer bash on Friday. He said in that culture, there is no way they could ban Internet radio.
We invite your input on this topic. Kindly write to us and tell us about the network misuse you have witnessed, as well as what your IT organization has done to combat it.