{"id":153,"date":"2009-04-17T08:33:01","date_gmt":"2009-04-17T16:33:01","guid":{"rendered":"http:\/\/blog.paloaltonetworks.com\/?p=153"},"modified":"2010-02-10T13:21:28","modified_gmt":"2010-02-10T21:21:28","slug":"real-data-does-not-lie-existing-security-controls-are-failing","status":"publish","type":"post","link":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/2009\/04\/real-data-does-not-lie-existing-security-controls-are-failing\/","title":{"rendered":"Real Data Does Not Lie - Existing Security Controls Are Failing"},"content":{"rendered":"

On April 15th, we participated in a very successful webinar with Dark Reading entitled \u201cWhy Bad Security Breaches Keep Happening To Good Organizations\u201d<\/a>. During the back and forth between the two speakers, we took a poll of the attendees, asking them the following question:<\/p>\n

Which applications do you think are currently running in your organization\u2019s IT environment? Attendees were able to select all that applied and the results of a total of 181 votes showed the following:<\/strong>
\n P2P 43.6% (79)
\n Google apps 73.5% (133)
\n Anonymizers\/proxies 33.7% (61)
\n Unauthorized IM 56.4% (102)
\n Encrypted tunneling apps (e.g. TOR)\u00c2 43.6% (79)<\/em><\/p>\n

In this case, the poll is a valuable tool to keep audience members engaged but often times they do not show all the data or tell the entire story.<\/p>\n

Here\u2019s why I say this. Our recently published Application Usage and Risk Report<\/a> analyzed application traffic on more than 60 customer networks and the findings show very different numbers.
\n P2P 92%
\n Google apps 81%
\n Anonymizers\/proxies 81%
\n Unauthorized IM 97% (to be fair, we did not ask if the use of IM is approved or not).
\n Encrypted tunneling apps (e.g. TOR) 11%<\/em><\/p>\n

Real data always tells a more complete story. And what this report tells us is that enterprises collectively spend more than $6 billion annually on firewall, IPS, proxy and URL filtering products \u2013 yet the data shows that these products are unable to control the application traffic traversing the network. Here\u2019s some of the key findings to support that conclusion.<\/p>\n

* Applications are designed for accessibility.<\/strong> More than half of the nearly 500 unique applications found are \u201cfirewall friendly\u201d in that they can hop from port to port, use port 80 or port 443 as a means of simplifying end-user access.
\n * Users are actively circumventing security controls.<\/strong> Employees are going to the extreme measure of using external proxies (typically not endorsed by corporate IT), remote desktop access and encrypted tunnel applications to do what they want on the network.
\n * File sharing usage is rampant.<\/strong> Despite the known risks, employee use of P2P is rampant and browser-based file sharing has effectively doubled in use over the last 12 months. <\/em><\/p>\n

What else did we find? We found more than 111 collaborative applications \u2013 social networking, email, webmail, IM, blogging \u2013 you name it we found it. Many of these applications are beneficial. David Smith, from Gartner <\/a>comments in this SC Magazine article<\/a> that \u201csome applications enable users to more easily do their job\u201d. Absolutely true. No question about it. But when employees use them without IT oversight and the associated security, then the company is exposed to unnecessary business and security risks. Bill Brenner from CSO Magazine summarizes some of the risks in his article about the 4 Reasons Botnets are Hard to Fight<\/a>.<\/p>\n

You get the picture. I encourage you to read the executive summary, download the report or listen to a 10 minute overview here<\/a>.<\/p>\n

Check it out. Post a comment. The data does not lie.<\/p>\n","protected":false},"excerpt":{"rendered":"

On April 15th, we participated in a very successful webinar with Dark Reading entitled \u201cWhy Bad Security Breaches Keep Happening To Good Organizations\u201d. During the back and forth between the two speakers, …<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[33,4,5,32],"tags":[1814,1815],"coauthors":[],"class_list":["post-153","post","type-post","status-publish","format-standard","hentry","category-application-advisoryanalysis","category-application-usage-risk-report","category-firewall","category-threat-advisoryanalysis","tag-application-usage-risk-report","tag-firewall"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/153","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/comments?post=153"}],"version-history":[{"count":0,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/153\/revisions"}],"wp:attachment":[{"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/media?parent=153"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/categories?post=153"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/tags?post=153"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/coauthors?post=153"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}