Monday, March 2, 2009

P2P Filesharing Dangers: Marine 1 Blueprints?

Blueprints for Marine 1 were found by employees of Tiversa, a P2P monitoring company. The blueprints and avionics package were found in a file that appeared to have come from a defense contractor's network - the news article's spin sounds like a sales pitch for Tiversa's services, but the point remains useful.

Corporate IT knows the dangers that P2P programs can pose - many have default shares enabled, and some of them share a larger portion of the user's hard drive than might be expected. There are controls: extrusion prevention, local system lockdowns, and periodic software scans, but they require a strong set of corporate IT policies and security standards that are effectively enforced. For some systems, this is where access controls come into play - the system containing protected information shouldn't have had outbound Internet access in the first place!

No comments: