P2P as a corporate persona non grata presented at Virus Bulletin 2010

by John Alexander (Lockheed martin),

Tags: Security

URL : http://www.virusbtn.com/conference/vb2010/abstracts/Alexander.xml

Summary : "
It doesn't start with headlines, but that's when it suddenly got interesting. One morning I awoke to headline news
that plans for a US presidential helicopter had been leaked to an Iranian IP address via peer-to-peer (P2P) software from
an unnamed defence contractor's computer. A few minutes of panicked reading and some level-headed critical thinking helped
me to conclude that this news was not about my company nor one of our contracts. Others, however, were not as quick to
reach such a conclusion; and thus started a project to review our policies, processes, and controls around P2P software.
It starts off simple enough: find and kill all instances of X within the company, if any. Well, X and Y. Make that X and
Y and Z. Oh, just kill all P2P. Very quickly it expands and becomes a rabbit hole of questions. How do we define
peer-to-peer (P2P) software? How do we build programmatic controls around it? How do we educate users to the risks?
How do we track our progress? What counts as use? Just like defence in depth, how can we discover in depth and/or recycle
data to find things that we may have otherwise missed? How can we shape our response process to meet human needs? This
paper will describe some of the challenges and creative solutions we have found to these questions and more.