P2P File Sharing Security Concerns for Small Businesses

Wednesday, April 04, 2012

Robert Siciliano

37d5f81e2277051bc17116221040d51c

Peer to peer file sharing is a great technology used to share data over peer networks.  It’s also great software to get hacked. This is the same P2P software that allows users to download pirated music, movies and software.

In my own P2P security research, I have uncovered tax returns, student loan applications, credit reports and Social Security numbers. I’ve found family rosters which include usernames, passwords and Social Security numbers for entire family.

I’ve found Christmas lists, love letters, private photos and videos (naughty ones, too) and just about anything else that can be saved as a digital file.

 

Installing P2P software allows anyone, including criminal hackers, to access your client’s data. This can result in business security breaches, credit card fraud and identity theft. This is the easiest form of hacking.

There have been numerous reports of numerous government agencies, drug companies, mortgage brokers and others discovering P2P software on their networks after personal data was leaked.

Blueprints for President Obama’s private helicopters were recently compromised because a Maryland-based defense contractor’s P2P software had leaked them to the wild, wild web.

  • #1 Have P2P security policies in place not allowing the installation of P2P software on your workplace computers or employee laptops.
  • #2 A quick look at the “All Programs Menu” will show nearly every program on your computers. If you find an unfamiliar program, do an online search to see what it is you’ve found.
  • #3 Set administrative privileges prevent the installation of new software without your knowledge.

Robert Siciliano personal and small business security specialist to ADT Small Business Security discussing ADT Pulse on Fox News. Disclosures

Possibly Related Articles:
5628
Webappsec->General
Information Security
fraud Privacy Software P2P Small Business Personally Identifiable Information hackers Information Security file sharing Data Protection
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.