P2P technology threatens server security

Peer-to-peer file sharing has emerged as the single biggest security problem for companies in 2001 and most security departments are ignorant to the threat.

According to a study by security company Evidian, rogue users of file sharing programs, the technology behind controversial services Napster and Gnutella, are poised to wreak havoc on corporate mainframes and, potentially, ASPs. Kevin Lucas, senior research analyst at AMR Research, said CIOs have been caught unawares by the rapid adoption of P2P models. He told silicon.com: "A new technology like P2P, which wasn't even discussed by companies two years ago, is perhaps too new for firms to fully address in the short term." Jack Clark, European product manager of Network Associates, said: "Any new way of sharing information is an open door to sharing viruses, especially when one of the parties doesn't have the appropriate security in place." Clark added: "Convenience is always a priority over security. For example, many system administrators don't look into the file sharing capabilities of MS Messenger in their security policies, which is another way for unwanted files to enter a company's network." The susceptibility of the ASP model to viruses received via 'trusted' third parties also raised much concern in the survey.