Archive for December, 2008
It seems as soon as a new technology is adopted into mainstream business, a whole host of support technologies soon follow to fill in the gaps and solve the new issues that are created. Consider the enormity of the anti-virus market that was created after the ILoveYou Virus hit in 2000, and the addition of URL filtering to enterprise IT’s checklist of “must-haves” following the adoption of the Web browser.
The good news is that browser-based traffic is now monitored and managed in most organizations. So, what’s the next new technology? Always one step ahead, employees have turned to other real-time applications including social networking platforms, IM, peer-to-peer file sharing, Web 2.0 VoIP and conferencing applications. And the next new technology solution? Application filtering.
This week, FaceTime announced that we’ll begin licensing our application inspection and classification technology, called ACE (Application Control Engine), to other network security vendors. This same technology is at the core of our Unified Security Gateway product, detecting and classifying more than 1,400 Web 2.0 and real-time communications applications and more than 50,000 social networking widgets – a number that grows daily.
This is the new frontier for Web security, as Sarah Perez points out in her analysis of how Web applications fly under IT’s radar:
“… when users become their own I.T. department, they’re unknowingly introducing inherent risks into the previously hardened network infrastructure. Just because a web app is easy to operate, that doesn’t make it safe and secure for enterprise use. As users upload and share sensitive files through these unapproved backchannels or have business-related conversations through web-based IM chatrooms, they might not only be putting their company’s data at risk, they could also be breaking various compliance laws as well.”
Sarah’s analysis is spot on. She goes on to point out that
“If FaceTime’s ACE or other similar technologies become a mainstay in the enterprise I.T. toolkit, the explosion of Web 2.0 for business use, a trend typically called Enterprise 2.0, may be dealt quite a blow. The only Enterprise 2.0 apps that will succeed given that scenario will be the ones that worked with the I.T. admins from the very beginning to assure them of their safety. The apps reliant on a slew of the company’s rule-breaking users for adoption, however, will be out of luck. Perhaps being sneaky may not have been a great business model after all.”
From our conversations with IT managers and through our annual study of usage trends, end-user attitudes and IT impact, it’s clear that the number of unsanctioned applications on enterprise networks is exploding because the nature of the workforce is changing. In fact, one in three employees say they feel they have the right to download whatever applications they need to do their jobs, regardless of policy. And interestingly, one in three IT respondents believe that written policies are ineffective methods for controlling end-user downloading of applications.
Given not only the sheer number of Web 2.0 applications but their obvious increased rate of adoption in business, I believe we’ll eventually see application filtering become standard, and most likely even more important than URL filtering is today.
It’s been a busy few days in security, as the Koobface Worm has indeed returned to Facebook.
As the lines blur between personal and business use of Social Networking sites (our recent FaceTime survey showed that 81% of survey respondents said they use social networks at work for personal reasons, and that 51% are accessing them several times a day), it’s clear that Social Networking sites are quickly becoming the place above all others where IT Managers need to concentrate their security thinking.
Sites such as Yammer.com that focus exclusively on business use are already out there. How long will it be before there’s a major security incident in relation to a Social Networking and workplace-related mashup? I have a feeling it’s going to be sooner rather than later…