In its latest edition of the Application Usage and Risk Report, Palo Alto Networks™, the network security company, draws attention to several realities that typically fall outside of the approved enterprise communications mechanisms. These applications can enhance business responsiveness and performance – but, conversely –introduce inbound risks such as malware and vulnerability exploits, and outbound risks such as data loss and inadvertent sharing of private or proprietary data. The report advocates for assigning an action to these saying, socializing and sharing applications, and fostering discussions and creating viable policies around acceptable use.
Now in its 6th edition, the Application Usage and Risk Report (October 2010) consists of real-world traffic from 723 organizations worldwide, and examines user and application trends in the enterprise. In its analysis, Palo Alto Networks identified several patterns related to users' applications to collaborate with others. These applications were pervasive among these participating organizations, and can be summarized as "saying, sharing and socializing applications." In fact, these applications present are in up to 96% of the participating organizations and consume nearly one-quarter of the overall bandwidth.
Saying: unmonitored, unchecked, and very risky
Saying applications, including webmail and instant messaging applications, are still being used in a largely unmonitored and uncontrolled manner, which introduces significant inbound and outbound risks. Palo Alto Networks found that all of these saying applications either hop ports or use fixed ports that are not TCP/80 or TCP/443, which means that these applications cannot be easily monitored to control the related business and security risks. Furthermore, 60% of the saying applications discovered are capable of transferring files, thus opening organizations up to data leakage and the delivery of malware via attachments.
Sharing: users have found a better way to move and broadcast data
Since 2008, browser-based file-sharing applications have steadily grown in popularity to the point where they are now used more frequently than P2P or FTP. Now seen in 96% of organizations, these applications simplify file sharing but can also be broadcast-oriented (similar to P2P) in their distribution model. Using RapidShare, MegaUpload, or MediaFire, users can now upload their content and allow it to be indexed by one of the many affiliated search engines.
Socializing: when at work, Facebookers are voyeurs
Traffic patterns of Facebook may contradict certain assumptions about its use in the workplace. The bulk of the traffic (88%) is users watching Facebook pages. The risks that voyeurism represent include a potential loss of productivity and the possibility of malware introduction by clicking on a link within someone's "wall." Comparatively speaking, usage of Facebook apps (including popular games such as FarmVille) only represents 5% of Facebook traffic. Facebook posting represents an even smaller 1.4% of the traffic, yet the small amount of use should not minimize the risks in terms of what users are saying about work-related subjects such as current projects, travel plans and company status.
"IT teams are looking for ways to retain control within their organization at a time when non-IT-supported projects are pervasive," said René Bonvanie, vice president of worldwide marketing at Palo Alto Networks. "In fact, we're starting to see more trending of IT teams themselves embracing more progressive enterprise applications, which is indicative of these disruptive forces at work."
Cloud-based computing: adoption driven by users and IT?
Results indicate that IT organizations may be moving beyond debating the pros and cons of enterprise-class, cloud-based applications to actual deployment. The traffic usage patterns for select Microsoft and Google applications indicate both top-down and bottom-up adoption, especially in the last months. For example, enterprise versions of Google Docs and Gmail were found in 30% of the 723 participating organizations. In other words, the high use of "free" versions of the Google applications by the end-user may be forcing IT to consider these tools as licensed and fully supported alternatives—or replacements—for existing tools. As more tech-savvy users enter the workforce, their work patterns and requests for more application alternatives will likely accelerate the adoption of a wider range of enterprise-class applications.
Application and Threat Information
Information on the more than 1,100 applications that are identified by Palo Alto Networks can be found in Applipedia, part of the company's Application and Threat Research Center. Visit the online resource to find the latest news, commentary, and discoveries on applications and threats at the Research Center.
To download the Application Usage and Risk Report (October 2010), please click here.
About Palo Alto Networks
Palo Alto Networks™ is the network security company. Its next-generation firewalls enable unprecedented visibility and granular policy control of applications and content – by user, not just IP address – at up to 10Gbps with no performance degradation. Based on patent-pending App-ID™ technology, Palo Alto Networks firewalls accurately identify and control applications – regardless of port, protocol, evasive tactic or SSL encryption – and scan content to stop threats and prevent data leakage. Enterprises can for the first time embrace Web 2.0 and maintain complete visibility and control, while significantly reducing total cost of ownership through device consolidation. For more information, visit www.paloaltonetworks.com.
Palo Alto Networks, "The Network Security Company," the Palo Alto Networks Logo and App-ID are trademarks of Palo Alto Networks, Inc. in the United States. All other trademarks, trade names or service marks used or mentioned herein belong to their respective owners.
