One of the services that Palisade Systems provides is a customized Secure Assessment for organizations who are concerned with the loss of confidential data.  This assessment provides network security personnel visibility into the nature of the traffic traversing their network, and helps identify key areas of improvement or security threats to the organization.

In analyzing the aggregate of the report data from the past year, we have uncovered a number of interesting statistics, which I will be sharing in greater detail on this blog moving forward.  Here is a brief overview of some of the broader findings:

•    Since the first of the year, during a series of five-day Secure Assessments, we have identified 850,000 pieces of personally identifiable data being sent over email, web posting, web email, FTP and more.

•    Of the 850,000, 77% was sensitive Personal Health Information found leaving the network utilizing our pre-built HIPAA compliance template.  What is interesting in this statistic is that only 28% of our customers since the first of the year were healthcare organizations, so this includes healthcare information being sent by general enterprise and educational customers as well.

•    After consolidating all the web site requests based on category, streaming media dominated web traffic with over 54% of the overall requests.  Depending on the policy of the organization, this may be part of the use of everyday business, however many organizations wish to implement streaming media policies for two reasons:  first, many companies prohibit ‘background streaming’ of sports or entertainment sites for productivity reasons, and second, streaming-media often consumes considerable bandwidth on the corporate data network and can compete with mission-critical applications, some of which are latency-sensitive and will be delayed due to congestion from streaming media at the Internet egress.

•    In addition to streaming media, Web visits to the “Jobs” category totaled 32% of overall web traffic.  This should not come as a surprise to anyone who has endured through the poor macro-economic climate of the past year, however it does raise concerns not only from a productivity standpoint, but also data loss, as a major concern in many organizations is the confidential data that is taken with an employee resigns or whose job is otherwise lost.

•    Webmail is an application we are frequently asked to monitor and block altogether, however some organizations allow employees to utilize web-based messaging so employees can check personal email accounts.  Counter-intuitively, Gmail, Yahoo Mail, Hotmail and AOL mail were not the majority of web mail requests, amounting to only 6% of webmail traffic.  Interestingly, 3^rd Party webmail provided by the residential broadband (Comcast, Qwest, etc.) provider came in at an 94% of total webmail usage.  Yes, we were surprised too.

•    Peer-to-Peer traffic was identified in 72% of Secure Assessments.  Other than the bandwidth demands of P2P traffic, which can easily subsume a corporate data network’s Internet connection, there is also potential legal exposure in the event that copyrighted content is being shared.  There are many legitimate P2P applications and uses, however we seldom find these in use in our secure assessments.  When we do find P2P traffic, it is nearly always unauthorized sharing of music, software, or movies.  This adds the additional legal exposure to the customer of having their network used to distribute copyrighted material.

•    Instant Messaging was identified in 79% of Secure Assessments. Although IM in itself is a powerful business tool in use today, it can also be used for unauthorized communications.  In some financial services customers of ours, they are expressly prohibited from allowing instant messaging traffic due to the fact that they cannot accept trades/communications over a mechanism that cannot be properly monitored and archived.

These are just a small sample of the statistics we have seen since January.  I’ll be looking deeper into each of these categories moving forward and will be providing greater detail and analysis on my future blogposts.  If you have specific things you’d like me to look into, please feel free to comment below.

Tim