Social networking — and its risks — are exploding in enterprise networks
The challenge of the explosive growth of social networking apps is that many can expose an organization's network to new forms of risks, according to a new report.
Social networking and digitally based collaboration are consuming networks. For example, Twitter use has grown more than 250 percent and Facebook use by 192 percent in the past six months, according to a research project by firewall vendor Palo Alto Networks. Facebook Chat, released in April 2008, is the fourth most common chat application found on enterprise networks, ahead of Yahoo IM and AIM. Blogging and wiki editing have increased by a factor of 39, while total bandwidth consumed increased by a factor of 48. Also, SharePoint collaboration is becoming much more common; according to the research, bandwidth consumed by the documents component of SharePoint has increased 17-fold from comparable research reported in April.
These results come from the "Application Usage and Risk Report," an analysis of application usage on enterprise networks in 200-plus organizations around the world in sectors that include education, financial services, manufacturing, health care, government and retail. This research is unique in that, unlike surveys that evaluate results based on voluntary responses from participants, this one summarizes actual network traffic assessments performed between March and September 2009.
The challenge of the explosive growth of new forms of applications, the company pointed out, is that many can expose the organization's network to new forms of risks. The analysis discovered 255 "Enterprise 2.0" applications, of which 70 percent are capable of transferring files, 64 percent have known vulnerabilities, 28 percent are known to propagate malware, and 16 percent can tunnel other applications. Koobface, Fbaction, and Boface are all new forms of malware that run in applications such as Facebook to hijack accounts and personal data.
"We know that workers are using these applications to help them get their jobs done, with or without approval from their IT departments. And now we know this is happening much faster than anticipated. It's naïve to think that old-school security practices can handle this deluge," said Rene Bonvanie, Palo Alto's vice president of worldwide marketing. "Organizations must realize that banning or allowing specific applications in a black-and-white fashion is bad for business. They need a new approach that allows for shades of gray by enforcing appropriate application usage policies tailored for their workforce. This is a radical and necessary shift for today's IT security professionals."
NEXT STORY: DOD expands access to Defense Connect Online