The FTC's announcement that nearly 100 private and public organizations had insecurely transmitted confidential, personal data over P2P networks is a wakeup call not just to those receiving the warnings, but to every business whose employees may be using file-sharing technology -- and especially to those who don't know whether employees are P2Ping or not.The Federal Trade Commission's (FTC) warning letters raised serious flags about the transmission of personal (employee or customer or both) data over peer-to-peer (P2P) networks. although no formal charges have been filed yet.
According to the FTC alert, whatever the original purpose for the P2P transmission, and whatever its intended recipient,the material "is available on peer-to-peer (P2P) file-sharing networks to any users of those networks, who could use it to commit identity theft or fraud."
Time to tighten the clamps on business use of P2P connections -- if you allow them at all. If you don't, time to find out if any of your employees are using your networks for P2P, whether for business convenience or personal file-shares.
Any P2P use is risky, but improperly configured sharing could make an entire disk's contents available to the P2P network, not just the files being deliberately (if foolishly) shared over the connection.
It's all too easy for P2P's convenience to become an info-leak night mare, as Supreme Court Justice Breyer's office found out not long ago.