Recently, the Federal Trade Commission notified about 100 organizations that personal information from their computer networks had been exposed. Last year, highly sensitive blueprints for the Presidential helicopter, Marine One, were found on a server in Iran as reported by CNET News® on February 28, 2009. How does this happen? Employees participate in file-sharing programs such as LimeWire®, BitTorrent™, Kazaa™ and newer programs that have appeared. These programs (called P2P, or peer-to-peer) are used to share music, movies and other files. They are easy to find and download from the Internet.
While employees may see these programs as tools to share entertainment media, they can also be used to share any file stored on the computer on which the program is installed. If your employee stores your organization’s data on a computer that is also employed for personal use, the door may be open to uncontrolled data browsing by others on the Internet who subscribe to the same file-sharing service. Sometimes it is not the employee that is using the file-sharing programs, but a member of his family who is sharing a computer that contains your organization’s data. If employees use a home computer for work, and other family members share that computer, you may be exposing your organization’s data.
More than 40 states now have legislation that makes your organization legally responsible if personal data of employees or clients is disclosed. Equally concerning is the proprietary information of your organization that may be exposed.
What can your organization do?
- Don’t permit P2P software on your organization’s network.
- Beware of the P2P software that employees might download. It could be buggy, and could cause system crashes for the employee or your network.
- Scan everything. An employee might think he or she is downloading music or other entertainment files, but the files could include a virus or other malware.
- Educate your employees. If they do use these software tools, they should restrict which folders can be shared. While this may limit their risk, they have opened a back door to their computer, which may lead to unplanned problems!
For more information on how you can improve the security of your computer network, contact John Stafford, Schneider Downs Technology Advisors Shareholder, at 412-697-5453 or email@example.com.
Schneider Downs provides accounting, tax, wealth management and business advisory services through innovative thought leaders who deliver the expertise to meet the individual needs of each client. Our offices are located in Pittsburgh, PA, and Columbus, OH.
This advice is not intended or written to be used for, and it cannot be used for, the purpose of avoiding any federal tax penalties that may be imposed, or for promoting, marketing or recommending to another person, any tax-related matter.