Wednesday, October 14, 2009

Six Risks of Employee Internet Use

If you own a business today, you cannot afford to underestimate the potential damage that employee internet usage can bring to your company. The internet, while a great fount of knowledge and learning, is also a haven for inappropriate behavior and system attacks. It also poses a liability for any company that does not manage internet use by its employees. Here are six basic types of internet-based threats and the risks associated with each:

1. Inappropriate Surfing: While there is much subjectivity inherent in determining what is or isn't offensive, many companies are restricting internet usage to "business purpose" only, simply to limit the liability of the company. Many companies publish "Authorized Usage Policies" to formally document accepted usage; however, many struggle with policy enforcement. Furthermore, with the huge onset of file-sharing and peer-to-peer websites, companies have also been faced with the issue of copyrighted content being downloaded to the business network.

2. Spyware: Spyware, by definition, is a very specific subset of malicious software that is coded to monitor and report on activity on an infected system. Spyware comes in a variety of forms. One type, known as "key loggers", is used to steal personal or proprietary information by monitoring user keystrokes and uploading, via a background process, such items as passwords and credit card numbers. Other types, such as adware, are used to monitor surfing habits in order to better market other similar websites via "pop-up" advertisements. These infections may not necessarily compromise data, but they can slow down a network tremendously and reduce worker productivity.

3. Instant Messaging: Also known as "IM" or "IRC", this potentially useful tool is quite detrimental when used for personal reasons. Employees with unsupervised instant-messaging tools can spend large amounts of time conversing with friends and family during business hours, taking away from their ability to be productive. Additionally, the protocols that serve Internet-based IM can be a vector for attacks known as "Zombie Attacks". Zombie Attacks infect multiple computers using the IM service, causing them to launch Denial of Service attacks against a specific site. If your business is identified as the source of one of these Zombie Attacks, you can be liable for the loss of service for the site being attacked.

4. Phishing: A relatively new problem, phishing attacks are designed to drive unsuspecting email users to fake websites for the purpose of retrieving personal information. Mimicking such websites as Amazon and eBay, these attacks convincingly request personal information from users, including user names, passwords, and credit card information.

5. Malware: Short for malicious software, this describes any piece of software designed to damage a computer system, delete data, or interrupt the normal processing of an internal computer. There are many classifications, including viruses, worms, and trojans. All of these can be inadvertently downloaded onto a computer by clicking on a link on a website. Malware can also be installed automatically if sufficient security measures are not in place. Many of these programs are designed to replicate once they have infected a system, which makes them extremely difficult to get rid of.

6. Peer-to-Peer Applications: Once again referring to copyrighted data, peer-to-peer sites such as Kazaa or Limewire promote illegal distribution of music or video via a series of meshed networks. This causes significant liability problems for both the company and the individual responsible for the downloads. Furthermore, many P2P applications are configured to share a computer's hard drive, leaving sensitive information open to download by other users of the same P2P network.

Jackson Thornton Technologies has worked with several businesses to establish Authorized Usage Policies while also helping to configure solutions that help monitor and enforce internet usage.

