Partner View

Getting a Handle on Peer-to-Peer Applications

Watch out for security pitfalls, such as increasingly popular instant messaging apps.

The business of securing clients' networks is always changing, with new types of threats constantly emerging as few dangers ever fade away. One threat that's growing in importance for clients is peer-to-peer (P2P) applications-and it's important for security-focused solution providers to be able to help mitigate that problem.

There are definite benefits to some P2P applications that account for their popularity among business users and IT teams' willingness to tolerate them in company networks. Probably the most popular, and most useful, P2P application is instant messaging (IM). IM's communication advantages over e-mail, most obviously its ability to allow users to gauge a colleague's presence and generate immediate response, drive its widespread adoption in organizations. Some other P2P applications, such as file-sharing applications that are designed to allow users to share movies, pictures and music files, have found legitimate business uses as well.

Aside from raising obvious questions about lost productivity, P2P applications pose security threats. Less-secure IM systems can be vectors for malware (and it's difficult to know which IM systems a client's users have actually installed). With file sharing, the malware threat exists, but there's another, potentially more serious problem. If the application opens a shared folder, any information in that folder can be accessed by any user subscribed to that file-sharing application. Such a file-sharing vulnerability caused a problem in 2006 for the Japanese Maritime Self Defense Force, when secret military documents on one officer's computer wound up being uploaded onto another person's computer through a file-sharing application that is popular in Japan.

Promisec Ltd. recently completed an audit to determine the extent of unauthorized P2P applications on corporate networks in the United States. We audited 32 organizations with 193,000 corporate endpoints in a search for unauthorized P2P applications and other security threats. About 4 percent of the corporate PCs, or 7,720, had unauthorized P2P applications such as Kazaa installed. Some 1,579 (0.82 percent) carried unauthorized remote-control software, such as GoToMyPC. (The audit also found more than 25,000 unauthorized USB devices attached to the endpoints, another area of security concern.)

It used to be enough to just check the firewall log and have a bandwidth-control device in place, but P2P applications are becoming smarter and most of them now use common protocols.

Following are some proven methods for helping your clients get control over any P2P applications on their networks:

  1. Ensure that your client's users only have the permissions they need for their desktops and laptops. If a user's productivity doesn't improve with the use of a P2P application, blocking installation of that application reduces the likelihood of a problem.
  2. Work with your client's key decision-makers to develop a comprehensive endpoint security document that clearly spells out policies governing such issues as access to files, anti-virus updating and the use of unauthorized applications or attachable devices.
  3. Help your client communicate those policies and train its employees about the potential risks these applications pose to the company's network security. Proper education is necessary before companies can hold users accountable for their actions. One best practice: Provide users with copies of the company's policies and require them to sign a document confirming that they have read and understood the rules.
  4. Assist your client in implementing a strong endpoint security solution to enforce policy and monitor installed applications. Remediate by removing unwanted applications; implement measures to prevent them from being re-installed. Ultimately, companies must have an enforceable follow-up mechanism that can accurately identify misuse and single out rogue users without creating too much additional work for the IT department.

About the Author

Ari Tammam ([email protected]) is vice president for channels at Promisec Ltd., a provider of agentless endpoint security management software. Promisec, a Microsoft Certified Partner, is based in Israel with U.S. headquarters in New York.

Featured

  • An image of planes flying around a globe

    2025 Microsoft Conference Calendar: For Partners, IT Pros and Developers

    Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss.

  • Google To Acquire Cloud Startup Wiz for $32 Billion

    Google has announced a pending agreement to acquire Wiz Inc., a cloud security platform, in an all-cash deal worth $32 billion.

  • FTC Expands Microsoft Antitrust Investigation Under Trump Administration

    The Federal Trade Commission (FTC) is pressing ahead with a broad investigation into Microsoft's business practices, an inquiry that began in the final weeks of the Biden administration.

  • Microsoft to Shut Down Skype Services

    Microsoft will discontinue its Skype telecommunications and video calling services on May 5, 2025, marking the end of the platform's decades-long run.