Last week, news writer Jessica Scarpati reported that employees at Schur, a printing and packaging company based in Horsens, Denmark, were using public peer-to-peer (P2P) file sharing services, instead of the company’s password-protected file transfer protocol (FTP) server to share sensitive, business-related files with one another. Not only did this present a gaping WAN security hole, but it used up a great deal of WAN bandwidth.
Whether end users simply don’t know any better or they do it maliciously, the situation is certainly not limited to one instance in Denmark. How to block P2P traffic is a WAN bandwidth management frequently-asked question. If WAN managers were to educate users and implement a security policy that prevented this behavior, end users might actually use the appropriate file transfer method, and corporate data might actually be safe.
To avoid these security and performance pitfalls, Schur’s IT-technical manager, Tom Nielson, decided not to allow any kind of torrent files–BitTorrent or otherwise. Even if the torrent was legal and for the purpose of transfering work files, Nielson didn’t want to take any chances. “If it’s written in our IT policy that they’re not allowed to make file transfers other than with FTP, then we can block file transfers and stuff like torrent files,” Nielsen said. (You can read more about what Nielson did to block P2P traffic in this WAN security case study.)
Many IT network security folk feel that end users are to blame for broken computer security. Although they may ultimately be the ones leaking corporate data through P2P or other methods, the culprit really lies in poor security policies and network user management.