June 8, 2015 By Jaikumar Vijayan 2 min read

Strict enforcement of acceptable use policies (AUPs) can dramatically reduce risk to corporate data, a new report by Israeli security firm Allot Communications shows.

The report is based on an analysis of data collected by Allot over a five-month period between November 2014 and April 2015. The information came from large enterprises and from service providers who provide Internet connectivity to small and medium businesses.

Doing an End Run Around AUPs

The data showed that much of the traffic blocked on corporate networks came from users attempting to access Web applications and services that were prohibited by their employers. Allot discovered that almost 92 percent of blocked Web traffic stemmed from employees trying to use social networks, online file-sharing services, consumer instant messaging tools and anonymizing services at work in violation of corporate AUPs. Just 8 percent of traffic was blocked because it contained malware.

Allot discovered that just having an AUP in place does not discourage employees from trying to work around it anyway. On average, employees in the study tried to access social networks more than six times per day, with Facebook being the most common attempted destination. Additionally, Allot counted an average of 1.5 attempts per day by employees to access sites containing content inappropriate for the workplace, such as gaming and dating sites.

Threats to Corporate Data

Traffic from employees using or trying to use prohibited instant messaging services was blocked 10 times more frequently than other Web content because of a relatively high prevalence of malware. Interestingly, Allot’s data analysis showed that employees use anonymizing services on enterprise networks to access websites and conduct transactions without revealing too much information. When compared to regular Web traffic, this anonymized traffic is blocked far more frequently because of potentially malicious content.

The results highlighted the risks to corporate data posed by employees attempting to access applications outside of the business’s policy, said Yaniv Sulkes, assistant vice president of marketing at Allot, in comments to Security Intelligence. Many of the commonly accessed Web applications — such as instant messaging, file storage, social networking applications and anonymizers — pose risks that may not be readily apparent, he said.

High-Risk Web Application Categories

Both social networking sites and instant messaging applications can be used for file sharing. Many of the file types prevalent on social media networks are also highly susceptible to malware, Sulkes said. In fact, 30 percent of the blocked malware in the Allot study came via JavaScript files, while 20 percent was courtesy of image files like .jpg, .png, .gif and .ico, he said. Employees can even use online storage services like iCloud and Dropbox to store sensitive corporate data right alongside personal information.

Similarly, the use of anonymizing services by employees can pose substantial risks to enterprise data, the report noted. Employees need to install software on their client devices in order to use an anonymizer. The software creates a virtual proxy that connects to a proxy network or public proxy server. The tools can be used by employees to evade enterprise firewalls and access Web accounts or services that are not permitted. From its study, Allot discovered that an average of 58 attempts are made per day to access anonymizer applications and related tools from within small and medium businesses.

Such trends highlight the need for companies to not just have AUPs, but also a way to enforce them, Sulkes said. Rather than focusing on perimeter-centric tools, enterprises need to be thinking about application-specific controls for mitigating risks posed by inappropriate use of risky Web applications in the workplace.

More from

Ransomware payouts hit all-time high, but that’s not the whole story

3 min read - Ransomware payments hit an all-time high of $1.1 billion in 2023, following a steep drop in total payouts in 2022. Some factors that may have contributed to the decline in 2022 were the Ukraine conflict, fewer victims paying ransoms and cyber group takedowns by legal authorities.In 2023, however, ransomware payouts came roaring back to set a new all-time record. During 2023, nefarious actors targeted high-profile institutions and critical infrastructure, including hospitals, schools and government agencies.Still, it’s not all roses for…

What should an AI ethics governance framework look like?

4 min read - While the race to achieve generative AI intensifies, the ethical debate surrounding the technology also continues to heat up. And the stakes keep getting higher.As per Gartner, “Organizations are responsible for ensuring that AI projects they develop, deploy or use do not have negative ethical consequences.” Meanwhile, 79% of executives say AI ethics is important to their enterprise-wide AI approach, but less than 25% have operationalized ethics governance principles.AI is also high on the list of United States government concerns.…

Hive0051 goes all in with a triple threat

13 min read - As of April 2024, IBM X-Force is tracking new waves of Russian state-sponsored Hive0051 (aka UAC-0010, Gamaredon) activity featuring new iterations of Gamma malware first observed in November 2023. These discoveries follow late October 2023 findings, detailing Hive0051's use of a novel multi-channel method of rapidly rotating C2 infrastructure (DNS Fluxing) to deliver new Gamma malware variants, facilitating more than a thousand infections in a single day. An examination of a sample of the lures associated with the ongoing activity reveals…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today