Locking up P2P without going nuclear
What can tools such as Identity Finder do for P2P-tamers?
By Kathleen Lau, ComputerWorld Canada | Techworld | Published: 11:15, 21 February 2008
Using peer-to-peer (P2P) file sharing applications on the job raises the risk that confidential data residing on a user's PC might be inadvertently exposed to a cyber-criminal, says the head of a security vendor.
It's tricky to prevent employees from using P2P applications at work, and besides, imposing a corporate policy to prevent them from using these networks is not necessarily the best approach, said Todd Feinman, CEO of New York City-based security technology provider Identity Finder, a division of Velosecure.
Another useful policy is for employees to be aware of what actually lives on their systems, said Feinman.
Related Articles on Techworld
"These employees don't realise that such sensitive information exists in their files," he said, adding that if the threat doesn't stem from P2P applications then it'll surely be from another.
Feinman said the enterprise edition of the company's security software, Identity Finder, is intended to help businesses search and secure confidential data residing on user systems, like employee identifications, telephone numbers, passwords/PINs, dates of birth, and Social Insurance Numbers.
It works by automatically trolling a user's computer system in places like a web browser's auto-complete fields, web pages and cookies, instant messenger logs and compressed files. The software can be customised to identify certain types of data, and the process doesn't require users to enter specific information about themselves, the company, or a customer."
Once done, the user receives a report as a means to preview the action to be applied to the identified data.
Feinman said employees can use the software on individual systems, or IT administrators can apply the tool on the back-end, by way of admin privileges, to scan file systems or email clients of remote network computers. "[The latter is] a good approach because having all that information in one place allows you to run a report and say, 'Here's how much we're at risk.'"
However, he cautioned the sole downside to the back-end approach is the inability on the part of the IT admin to take action on identified data. In this instance, IT can use the quarantine function to move data to a central server in case it needs to be restored to the user.
More often, though, Feinman observed IT admins including it as an extra feature on builds and computer images so employees can run it on a regular basis, while IT supports it.
