Security Outfit urges companies to ban Greynets

Commenting on the growing issue of greynet, Ian Kilpatrick, chairman of Wick Hill Group, said that the massive recent growth in these applications had created a strong need for security related products which can deal with the security and management issues they raise.

IM, P2P, Web conferencing and spyware applications are part of a category of networked applications that security specialists call ‘greynets.’

Greynets are network-enabled applications that are installed on an end user’s system without permission from IT and are highly evasive to existing security infrastructure.

While many of these applications deliver collaborative benefits to users, they pose a unique challenge to network administrators by traversing the network through a variety of ports and evasive techniques.

If left unmanaged, greynet applications can introduce productivity issues, compliance risks, and concerns over information leakage.

Spyware should be prevented at the gateway before it infects the network and jeopardises corporate assets, while instant messaging security stops data leaks and preserves networks by securing the use of public IM against exploitation by hackers, spyware, worms and viruses.

Unauthorised P2P applications are prevented from hijacking legitimate protocols to serve as vectors for malware distribution; and compliance regulations are met by logging, archiving and protecting IM conversations and other shared content.

Furthermore, the combined use of Microsoft Live Communication Server 2005 (LCS) is enforced by blocking unauthorized public IM and P2P connections.