Facebook, Google Apps Use Soars in Enterprises, Security Firm Says
Palo Alto Networks surveyed Web application usage at 347 organizations and found Facebook, Twitter and other programs for communications and collaboration are all being used in enterprises to a great degree. Some 22 Google applications, including Gmail, Google Calendar, Google Docs and Google Wave, showed particularly strong usage, according to research from the network security firm. Of course, the widespread use of social network and other Web apps used in enterprises can wreak havoc on network security and regulations for financial services and health care industries.Social networks such as Facebook as well as several programs for communications and collaboration are being used in enterprises to a great degree, with 22 Google applications showing particularly strong usage, according to research from a network security firm. Palo Alto Networks surveyed use of 750 applications across 347 organizations for its fifth Application Usage and Risk Report, released March 30. The company's firewall appliances and software monitored the use of Web apps for the volunteering companies from September 2009 through March 2010.
Social networking apps such as Facebook and Twitter and collaboration and productivity apps such as Gmail, Google Docs and Google Calendar were used with great frequency at businesses around the world, including companies in heavily regulated industries such as health care and financial services.
"The data highlights the rapid dissolution of the barriers to application access which makes rapid and widespread application adoption very easy, as evidenced by the fact that applications of all types are being used with remarkable consistency-regardless of the sample size, geography, or vertical industry. Consistency is a double edged sword-on one hand it shows a certain level of predictability, while on the other hand, it introduces very different levels of business and security risk."Indeed, while the rampant adoption is great news for Google and Facebook-vendors that offer their Web apps free but rely on advertising to make their money-Palo Alto found some disturbing news for the security-minded IT administrators. The company said there are 177 applications that tunnel other apps unintentionally, or to boost accessibility, such as in the case of software updates, P2P, instant messaging and Webmail apps such as Gmail. "Others, such as UltraSurf, TOR, Gpass and Gbridge do so as a means of hiding the real nature of the application activity." Use of external proxies and encrypted tunnel apps is high in universities as well as health care and financial services firms. That's enough to set teeth on edge for admins, which can quickly find their companies out of compliance or, worse, victims of leaked proprietary data or malicious malware. "You can't block the apps because people use these apps to do their jobs, but if you blindly allow it, you're not in compliance of the FINRA [Financial Industry Regulatory Authority] and HIPAA [Health Insurance Portability and Accountability Act] regs," King said. "The real trick is allowing the app but mitigating some of the risk associated with it."