Apps and work: data put at risk

    Updated: 2013-04-07 07:44

    By Quentin Hardy(The New York Times)

      Print Mail Large Medium  Small

     Apps and work: data put at risk

    Rajiv Gupta, chief executive of Skyhigh Networks, right, with engineers at the company's Cupertino, California, headquarters. Peter Dasilva for The New York Times

    Apps and work: data put at risk

    SAN FRANCISCO - As is the case with many busy people, Delyn Simons's life has become an open phone app of commingled corporate and personal information.

    "I've got Dropbox, Box, YouSendIt, Teambox, Google Drive," says Ms. Simons, a 42-year-old executive, naming some of the services on her iPhone that store memos, spreadsheets, customer information and soccer schedules.

    She and her colleagues at Mashery, a 170-employee company that helps other companies build more apps, also share corporate data on GroupMe, Evernote, Skype and Google Hangouts. "From the standpoint of corporate I.T.," she says, "my team is a problem."

    While the company's most confidential information is encrypted and available only to authorized executives, John Oberon, Mashery's information technology chief, who is supposed to keep track of company data, said "there's only so much you can do to stop people from forwarding an e-mail or storing a document off a phone."

    Once the data leaves the corporate network, protecting it becomes much harder. Searching for the name of almost any large company, plus the word "confidential," yields supposedly secret documents that someone has taken from the company network and published.

    Netflix, the streaming video service, recently found employees using 496 smartphone apps, primarily for data storage, communications and collaboration. Cisco Systems, which powers much of the Internet with computer networking gear, found several hundred apps, as well as services for shopping and personal scheduling, touching its own network via employees.

    "People are going to bring their own devices, their own data, their own software applications, even their own work groups," drawing off friends and contractors at other companies, said Bill Burns, the director of information technology infrastructure at Netflix. "If you try and implant software that limits an employee's capabilities, you're adding a layer of complexity."

    Almost no service is invulnerable. In 2011, Chinese hackers obtained access to hundreds of United States government accounts on Google's Gmail. Last July, Dropbox, one of the most widely used storage services, reported a loss of data from a large number of customers. Without special instructions, customer sales information in the online service of Salesforce.com can be moved to private accounts at Box. Evernote recently said user names, e-mail address and passwords had been stolen in an attack, requiring the passwords of more than 50 million accounts to be reset.

    In 2011, Juniper Networks found more than 28,000 samples of mobile malware, mostly for capturing and transferring information like passwords. In January this year, Florida's Juvenile Justice Department reported that 114,538 youth and employee records had disappeared when a storage device with no password was stolen. The state will pay for a year of credit monitoring for everyone whose data was lost.

    Last September, a customer notified Rite Aid that he could obtain other customers' names, addresses and prescription records from the company's mobile app. (Rite Aid says the problem has been fixed and that it is not aware of any data loss.)

    Even without proof of compromised accounts, such losses can cost a company both money and reputation.

    Some apps onto which employees may move company information, like Facebook, are well known. Others, like Remember the Milk, used for completing tasks, are news even to some of the experts in I.T. Skyhigh Networks, which recently started monitoring personal use of apps, has counted more than 1,200 services used in corporate networks from personal devices.

    Skyhigh signs up for each service, along with 1,000 others that have not yet touched a corporate network, and researches them for security issues, like how easy it is to get inside the system and obtain another customer's data. The company then tunes a customer's corporate network to allow services to have different degrees of access to information.

    "We have to be careful how we inspect for security vulnerabilities, since we don't want to get arrested ourselves," says Rajiv Gupta, Skyhigh's chief executive.

    The problem of data leakage is as old as someone taking a carbon copy home on the weekend. What is different now is how people can take data with a finger swipe, and how little they know about whether a service has malware.

    Companies do not want to stand in the way of "life splicing," as the intermingling of home and work tasks is known, because it mostly plays in a company's favor. They just want more security.

    The New York Times

    (China Daily 04/07/2013 page10)

    亚洲欧美成人久久综合中文网| 中文字幕无码久久精品青草| 亚洲日本欧美日韩中文字幕| 中文字幕人妻无码专区| 中文无码不卡的岛国片| 无码区国产区在线播放| 日韩欧美一区二区三区中文精品| 四虎国产精品永久在线无码 | 精品久久无码中文字幕| 免费看成人AA片无码视频羞羞网| 亚洲高清无码综合性爱视频| 国产免费无码一区二区| 中文字幕人妻无码一区二区三区 | 亚洲毛片网址在线观看中文字幕| 欧美日韩久久中文字幕| 国产AV无码专区亚洲Av| 无码人妻精品一区二区三区66 | 最近2019年中文字幕一页| 在线观看无码AV网站永久免费| 国产三级无码内射在线看| 无码欧精品亚洲日韩一区| 亚洲成AV人在线播放无码| 性无码专区一色吊丝中文字幕| 中出人妻中文字幕无码| 亚洲精品无码av天堂| 国产做无码视频在线观看浪潮| 亚洲日产无码中文字幕| 亚洲日韩激情无码一区| 曰韩精品无码一区二区三区| 中文字幕无码第1页| 国产成人无码区免费内射一片色欲| 免费看成人AA片无码视频羞羞网| 亚洲欧美成人久久综合中文网 | 中文字幕视频在线| 亚洲av中文无码乱人伦在线播放| 精品久久久久久中文字幕大豆网| 亚洲一区无码精品色| 曰韩无码AV片免费播放不卡| 亚洲开心婷婷中文字幕| 精品久久久久中文字幕日本| 婷婷中文娱乐网开心|