Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

1/12/2010
10:37 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

ScanSafe Reports 55% Increase In Employees Attempting to Download Illegal Software At Work

ScanSafe currently processes data across more than 100 countries for millions of employees

LONDON and SAN FRANCISCO, Jan. 12/PRNewswire/ --ScanSafe, the pioneer and leading global provider of SaaS Web Security, today revealed its latest data showing a significant 55% increase in illegal MP3 and software download attempts over the last three months on corporate networks. ScanSafe currently processes data across more than 100 countries for millions of employees, giving it the industry's most significant insight into the latest trends in Web traffic and malware.

A US student, Joel Tenenbaum, has recently been fined $675,000 for illegally downloading music. The court case focused on 30 tracks that Tenenbaum admitted downloading - he was subsequently fined $22,500 per song.

Over the years, consumers have taken a carefree approach to illegally downloading music, not expecting to be held accountable for their actions. High-speed Internet connections have enabled even faster illegal downloads and alarmingly, more and more people are choosing to do so in the workplace.

"Employees mistakenly assume they can use the Internet at work in exactly the same way as they use it at home and this is potentially one of the reasons for this steady increase in illegal download attempts over recent months," said Spencer Parker, director of product management at ScanSafe. "Inappropriate Internet use in the workplace can put the employer at risk for legal liabilities."

Often, an employer will be held legally responsible for any wrongful acts committed by an employee 'in the course of their employment'. This phrase is very widely constructed - an act may be considered 'in the course of employment' even if it is expressly prohibited by the employer, a principle known as 'vicarious liability'. Even if a legal claim is unsuccessful, dealing with claims can make very substantial demands on management time and involve significant legal costs.

Parker comments, "Downloading illegal content is a 'double whammy' for employers as not only does it put them at risk legally but it also puts the company network at risk of being infected with malware. A large majority of free illegal downloading websites are often riddled with malware."

Organizations should formulate Internet usage policies and educate employees on the goals of their policies, including making clear the potential consequences of non-compliance. Employers should also require staff to sign to acknowledge their understanding of acceptable Web use during working hours.

In addition to formulating a defined Internet usage policy, organizations should implement a comprehensive Web security solution in order to protect themselves. Web security solutions can completely block employees from accessing illegal websites, whilst ensuring corporate network is protected from malware at an affordable and predictable cost.

For more information on ScanSafe Web security solutions, please visit www.scansafe.com.

About ScanSafe

ScanSafe (www.scansafe.com), now a part of Cisco, is the pioneer and largest global provider of SaaS Web Security, ensuring a safe and productive Internet environment for businesses. ScanSafe solutions keep malware off corporate networks and allow businesses to control and secure the use of the Web. As a SaaS solution, ScanSafe eliminates the burden of purchasing and maintaining infrastructure in-house, significantly lowering the total cost of ownership. Powered by its proactive, multilayered Outbreak Intelligence(TM) threat detection technology, ScanSafe processes more than 20 billion Web requests and 200 million blocks each month for customers in over 100 countries.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Commentary
How SolarWinds Busted Up Our Assumptions About Code Signing
Dr. Jethro Beekman, Technical Director,  3/3/2021
News
'ObliqueRAT' Now Hides Behind Images on Compromised Websites
Jai Vijayan, Contributing Writer,  3/2/2021
News
Attackers Turn Struggling Software Projects Into Trojan Horses
Robert Lemos, Contributing Writer,  2/26/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-21360
PUBLISHED: 2021-03-09
Products.GenericSetup is a mini-framework for expressing the configured state of a Zope Site as a set of filesystem artifacts. In Products.GenericSetup before version 2.1.1 there is an information disclosure vulnerability - anonymous visitors may view log and snapshot files generated by the Generic ...
CVE-2021-21361
PUBLISHED: 2021-03-09
The `com.bmuschko:gradle-vagrant-plugin` Gradle plugin contains an information disclosure vulnerability due to the logging of the system environment variables. When this Gradle plugin is executed in public CI/CD, this can lead to sensitive credentials being exposed to malicious actors. This is fixed...
CVE-2021-24033
PUBLISHED: 2021-03-09
react-dev-utils prior to v11.0.4 exposes a function, getProcessForPort, where an input argument is concatenated into a command string to be executed. This function is typically used from react-scripts (in Create React App projects), where the usage is safe. Only when this function is manually invoke...
CVE-2021-21510
PUBLISHED: 2021-03-08
Dell iDRAC8 versions prior to 2.75.100.75 contain a host header injection vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by injecting arbitrary ‘Host’ header values to poison a web-cache or trigger redirections.
CVE-2020-27575
PUBLISHED: 2021-03-08
Maxum Rumpus 8.2.13 and 8.2.14 is affected by a command injection vulnerability. The web administration contains functionality in which administrators are able to manage users. The edit users form contains a parameter vulnerable to command injection due to insufficient validation.