At the RSA Conference today, Palo Alto Networks announced the inaugural report that will track trends and risks in today’s enterprise applications landscape. The Application Usage and Risk Report examines the major shifts required in enterprise risk management as end user empowerment and next-generation application technology drastically reduce corporate visibility and control of employee computing activities.
Based on actual traffic from 350,000 users in 20 organizations including financial services, manufacturing, retail, healthcare, and state/local government, some major findings of the report include:
- The Big – Peer-to-peer applications (e.g., BitTorrent, eMule), a poster child for data loss, were found in 90% of accounts. And only a year after launch of the business edition, Google Applications, (Google Docs, Google Desktop and Calendar) exist in 60% of the sample, including some organizations that thought they had removed it from their desktops until it was business proven.
- The Bad – In most organizations, (80%) end users are actively skirting IT security controls – with anonymous, external proxies and tunneling applications (e.g., CGIPoxy, TOR), enabling risky and unauthorized activities. Recently, web-based file uploaders (e.g., Megaupload, Yousendit) grew rapidly in 30% of the sample – representing a huge channel for wholesale data loss.
- The Ugly – Web video and streaming audio are ubiquitous on networks at levels of 100% and 95% of the sample respectively, resulting in huge bandwidth drain even before considering security and productivity risks.
Steve Mullaney, Palo Alto Networks’ Vice President of Marketing said, “Whether next-gen applications and tools can drive higher productivity, a more collaborative work environment or just give employees a ‘brain break’, the reality is that IT is increasingly unable to stem the tide – and that represents increased security and compliance risk.”
The report discusses the most prominent variants in each application category as well as the characteristics that represent risks including:
- Data loss through unmonitored and/or unauthorized file transfer
- Compliance violations, both with internal policies and external regulations
- Business disruption and exposure from malware propagation or application vulnerability exploits
- Operational cost increases from higher bandwidth consumption and added IT expenses
- Lost productivity from excessive personal application usage
Mullaney continued, “Every organization that participated in our research brought us in expressly to find out which applications were on the network, who was using them, and at what volume – because they had no way of telling with their current tools. What we found gives these enterprises real-world, actionable data on what they are facing. It also provides their peers with a glimpse of what is probably happening across their own networks.”
CIO/CSOs face a changed application landscape. Social networking, software-as-a-service (SaaS), personal messaging, and streaming media are merely a handful of the applications that can be found en masse on today’s enterprise networks. On one hand, corporate IT is asked to enable business expansion and help maintain a competitive edge by embracing these new applications and technologies. On the other hand, doing so in a controlled and secure manner is a challenge. Users are more savvy than ever at getting around IT. Additionally, many new applications have evasive traits like port hopping, encryption, or tunneling built-into the product. In fact, some application providers encourage users to circumvent IT. These factors make it extremely difficult to manage risk coherently on enterprise networks with existing port-centric security tools.
The Application Usage and Risk Report: An Analysis of Major End User Application Trends in the Enterprise is available for download from Palo Alto Networks. Additional information on more than 560 applications can be found in Palo Alto Network’s Application Research Center (ARC), an online resource that contains up-to-date information on the rapidly evolving application landscape – including the latest news, alerts and analysis. Included in the ARC is the ability to search the Applipedia™ for important characteristics of each application that must be considered when developing policies to enable safe and productive application usage within the enterprise.
About Palo Alto Networks
Palo Alto Networks™ enables visibility and policy control of applications running on enterprise networks. Based on innovative App-ID™ application classification technology, the Palo Alto Networks PA-4000 Series next-generation firewall accurately identifies applications – regardless of port, protocol, evasive tactic or even SSL encryption – at 10Gbps with no performance degradation. Enterprises can now set and enforce application usage policies to meet compliance requirements, improve threat mitigation and lower operational costs. The Palo Alto Networks team includes security and networking industry veterans from Check Point, NetScreen, McAfee, Cisco, Juniper and Blue Coat. It is backed by investors Globespan Capital Partners, Greylock Partners and Sequoia Capital. For more information, visit www.paloaltonetworks.com.
###
Palo Alto Networks, the Palo Alto Networks Logo, App-ID, FlashMatch and PAN-OS are trademarks of Palo Alto Networks, Inc. in the United States. All other trademarks, trade names or service marks used or mentioned herein belong to their respective owners.
