Wednesday, June 13, 2007

Risks from P2P Networks

ComputerWorld has a pair of articles up here and here discussing risks posed by P2P networks. The first article focuses on a Dartmouth study which found that substantial amounts of sensitive information, including (ironically) a security evaluation for a bank performed by a third party contractor, is inadvertently made accessible by consumers who download P2P software. The second article provides a concrete example of that danger: a Pfizer employee who installed P2P software on a laptop which was provided by the company for her own home use inadvertently exposed personal data for around 17,000 current and former employees of Pfizer. The take home message from all this? Have policies which control the use of P2P software, and make sure that employees know that violating those policies won't only be a breach of workplace rules, it would also put their own personal data at risk.

No comments: