Jan Hertsens: November 2006 Archives

FaceTime just released a study on the state of Greynets and here are some highlights and in future entries we will talk about the implications of this study as it relates to the Enterprise.

FaceTime Communications
2006 Greynets Survey Key Findings

Survey confirms that greynets continue to be dangerous if left unmanaged, introducing significant risks to the business. End users continue at an increasing rate to take business communications into their own hands, downloading and using what ever resource they choose to get their jobs done, wherever and whenever.

How is Instant Messaging and other greynets used at work?-

IM usage?and by extension, other similar greynet apps?is driven foremost by its convenience: three in four employees use IM because they need "immediate answers ?from co-workers" (76%).

Endusers also see IM as a productivity tool?two-thirds use it to "to multi-task" (62%) while another third use it because "email is too slow" (33%). (The take-away users, often the most advanced are the ones introducing greynets into the Enteprise because they want to be more productive!)

- IM usage is increasingly complex: 60 percent of IM users have accessed advance features (55%), such as file transfer (29%), web conferencing (24%), VOIP (15%)video or (12%).

- Not surprisingly, two in three endusers have sent IMs while multi-tasking (88%). Around half have IM'ed colleagues on the same conference call (57%). Even colleagues in the next cube are not safe?44% of IM users have sent a message to a physically adjacent co-worker or while having a face-to-face conversation with someone else (40%).

- Six in ten IM-users have sent attachments, application files or links to external websites as part of an IM (57%). About one in five endusers (17%) have sent company plans (15%), information about company finances (5%) and even passwords or login information (4%)

What are end user attitudes toward greynets?

- Four in ten endusers (41%) have downloaded or installed applications that are not approved by their company?s IT department.

- Among the most popular applications deployed by endusers are streaming audio or video services (77%), web-based email (70%), web conferencing (57%) and public instant messaging (48%). Almost half of all endusers have deployed browser plug-ins (46%) [NOTE: these apps are particularly well-suited at evasive techniques that bypass network security requirements.]

- Seven in ten IM users have sent personal or non-work related IMs while at work, over company networks (70%)

- Unfortunately for IT managers responsible for network security, one-fourth of IM users deploy IM in order to have "private, unmonitored communications" (26%).

- Not surprisingly, if endusers knew their IM communications were monitored, they would change their usage patterns: almost half would "pay more attention to company guidelines" (45%), while one-third would simply "use IM less often" (31%), be more cautious about clicking on links (31%) or simply pick their words more carefully (21%)

So what?s the problem?

- In a broad market research survey of US-based IT managers, 81 percent report a security incident has resulted in the last six months from employee use of "greynet" applications".

- Spyware and adware are the most commonly reported incidents (75%), followed by viruses (57%), malware such as keyloggers (28%) and rootkits (22%).

- Seven in ten IT managers indicated that spyware and adware attacks are occurring at the same rate (36%) or more frequently (33%), compared to the prior six-month period.

- Greynets app usage may also result in business-related incidents. In the past six months, half of all IT managers report business incidents resulting from Greynet application usage (52%). Among these managers, the most commonly reported issues are: downloading of adult materials (50%), copyright violations (39%) and violations of corporate communications policies (33%).

- Seventy percent of IT managers report a wide range of network and computer issues that result from greynet application usage. Three-fourths of these managers report enduser system slowdowns or crashes (76%), followed by slowdowns in network traffic (68%), corrupted files (39%) and corrupted applications (30%).

Existing security infrastructure is not effective in combating greynet threats

-Survey respondents were asked to assess their own company networks in terms of their capacity to intercept the kinds of IMs allegedly sent by former Congressman Mark Foley. Only 11 percent of IT managers indicated that their networks would have been "very effective" at intercepting such communications. In fact, 31 percent of IT managers rate their networks as "not at all effective" at preventing these kinds of messages from being delivered.

What is the cost to businesses?-

Not surprisingly, these incidents may require remediation or repair of affected PCs or servers. Three-fourths of IT managers report having to make repairs or changes to computers as a result of greynet-related security incidents (72%).

- On average, IT managers report 14 incidents per month. Each incident requires 11 hours of work, on average. Based on an estimated average salary of $70 per hour, salary-related costs average almost $150,000 per year?just for greynet related repairs to enduser computers.

- IT managers who are involved in other security-related tasks may spend as much as 71 hours per month, on average, engaged in activities such as maintenance of network or enduser hardware, archiving and logging, research new technologies and so on....

more to come...

The Zango Double-dip ?

There have been a lot of articles and posts about Zango.  Most of them focus on the installation practices, lack of user notification and even how the company recently received a fine by the FTC.

This piece is not one of those.  Instead of talking about the Zango software, I would like to have a brief look together at the theoretical business model that drives Zango. 

Some relevant snippets from the Zango site:
Web publishers, content creators and providers aren't able to earn a living from their products. <Snip> online consumers have proven reluctant to pay a monthly subscription fee for access to online content and entertainment. <Snip> Zango has developed a unique solution to this economic dilemma. <Snip> With the Content Economy model, consumers are able to access and enjoy web content and entertainment for free, because when they search or browse online for products and services, they see ads from Zango advertisers. <Snip> Web publishers and content providers get paid by Zango for distributing their creative assets. Zango earns revenue from online advertisers, and thus, keeps this new Content Economy alive and thriving.
I see!  Visitors will never pay to see online content, so the content creators will never get to see a dime from their work.
So Zango's self-proclaimed raison d'etre is to provide these starving "long tail" creators/artists with some income so they can keep producing the content that everybody likes, instead of needing to beg for spare change at a mall entrance.

Surely, that's a noble cause, no?  Let's see...

About this Archive

This page is a archive of recent entries written by Jan Hertsens in November 2006.

Jan Hertsens: May 2006 is the previous archive.

Find recent content on the main index or look in the archives to find all content.