As the Web 2.0 movement makes interactive applications and social networks such as Facebook ubiquitous on employees’ desktop computers, financial firms are facing the daunting task of monitoring these so-called greynets.
Instant messaging security vendor FaceTime Communications estimates that there are more than 600 greynets worldwide, a number that will climb past 1,000 by the end of the year. These networks are called greynets because the peer-to-peer applications they are composed of operate in the shadows, without company authorization, and are difficult to police. According to a recent survey by FaceTime’s Security Labs research unit, 90 percent of IT managers have experienced a greynet-related security incident in the last six months–despite deploying firewalls and intrusion prevention systems.
On average, IT managers spent $289,000 in 2007 to repair company computers infected by malware attacks over greynets, compared to $130,000 the previous year, according to the study. Greynet applications include IM as well as file-sharing, collaboration and other Web 2.0 tools. Some of the applications need to be downloaded; others load as a Web page, pop-up window or widget.