In this tip, assistant editor Mia Shopis answers Frequently Asked Questions (FAQs) from the Ask the Expert mailbox.
Dear Security Help Desk,
What can we do to secure our peer-to-peer network? What are the security issues with a P2P network?
Peer-to-peer (P2P) networking is an easy way for users to share and swap files over the Internet; some of the more popular applications include Kazaa, Napster and any IM program from Microsoft, Yahoo or AOL. While P2P is a "convenient" application, it also can open up a company's network to a number of security and liability risks. In order to mitigate risks associated with P2P networking, some organizations are implementing stronger policies and/or outright banning its use. Is P2P networking too much of a security risk for your organization? Learn more with these resources about the security issues of P2P networking.
On the Internet, peer-to-peer (referred to as P2P) is a type of transient Internet network that allows a group of computer users with the same networking program to connect with each other and directly access files from one another's hard drives. Read the complete definition here.
Executive Security Briefing: Are P2P applications worth the risk?
Peer-to- peer (P2P) applications are alive and kicking -- on your network that is. The problem is you probably don't want most of them on there. P2P applications introduce more vulnerabilities and open up more entry points to your network than many security managers ever thought possible. Read the complete tip here.
Ask the Expert: Liability for P2P file swapping on a corporate network
The entertainment industry is on the warpath against illegal file trading. Most notably, the Recording Industry Association of America is taking aggressive legal action against anyone directly or indirectly participating in unauthorized swapping of music. While RIAA has grabbed headlines by subpoenaing hundreds of colleges and ISPs, and suing hundreds of students and other individuals, it is also targeting private enterprises whose employees engage in illicit downloading. Read expert Ben Wright's complete response
Ask the Expert: How to block instant messaging
On Windows 2000 or XP, software needs an "administrator" account to install software. The same is true on Mac OS X. You can stop people from installing software by not making their user accounts be administrator accounts. Of course, sometimes this is easier said than done. Read expert Jon Callas' complete response.
Network Security Tip: Disconnecting desktops for network security
If you are struggling with P2P, IM or other dangerous applications that users keep installing, here's an idea: Consider breaking end-to-end IP connectivity from your users' desktops to the Internet. This approach can be beneficial to your security efforts, but there are some things to watch out for. Read the complete tip here.
For more info on peer-to-peer networking, please visit these SearchSecurity.com resources:
This was first published in March 2004