By Andy McCue, 16 March 2004 13:30
NEWS UK firms are still allowing widespread illegal peer-to-peer (P2P) file-sharing on their corporate networks despite the threat of legal action from record companies and the security risk it poses.
The findings are revealed in a survey of 500 UK IT managers and HR officers by web and email filtering software company SurfControl.
Two-thirds of those surveyed claim their organisation takes P2P file-sharing seriously. But when questioned further, half of the HR officers admit they don't have a policy on file-sharing in the workplace, while another 23 per cent don't even know if they have a policy on it at all.
The results are worrying given that over a third of employees in a separate survey last week said they use applications such as Kazaa and Gnutella at work.
Martino Corbelli, director of marketing at SurfControl, said there is a gap between what IT and HR think is covered and what is actually covered, which is made worse by the fact that a lot of P2P content is illegal and in breach of copyright.
"If you don't have a policy in place, taking action against that person is very difficult. If you want to be secure then put something in place to stop the abuse in the first place," he said. "The same rules for web and email use apply to instant messaging and file-sharing. They open up massive security holes and can be a drain on staff productivity along with the legal liability issues."
Half of the IT managers in the survey also said they do not have any security measures in place to stop file-sharing.
Another issue is that anecdotal evidence suggests it is often the IT department and IT staff who most use file-sharing applications at work. "It's another reason why HR needs to be more involved," said Corbelli.
Roger Hockaday, director of marketing at network management company Packeteer backed up the findings.
"Our experience is that most network managers are more concerned with worms, viruses, streaming media and IM than P2P file-sharing. However, the reality is that most network managers do not know if it even exists on their networks," he said.
Comments
There are 3 comments. Join the discussion
1. Dan Ney
What exactly do you mean by illegal filesharing? I thought if its illegal that means its against the law. Was there a bill past through parliment stating that file sharing is outlawed?
2. anonymous
The sharing of any product which is protected by copyright is only permitted if the copyright owner permits it.
So, it would only be legal to copy (for instance) a piece of music if the person who owns the intellectual rights to that music has allowed it to be shared without anyone making a payment of any sorts. Products which are sold are not usually allowed to be distributed in this way.
When a product is bought you normally pay per product - so if you buy two (eg. bars of chocolate) you must pay for them both as two items. It does not matter who eats the chocolate bars, as ultimately each one can only be eaten once. What is happening with music is that people are buying one copy and then allowing other people to copy it without paying for the additional copies.
Technically this is theft, even if this type of activity has not been legislated against. You are depriving the copywright owner of his / her money.
Having said all that the reality is that people will share files (and much more) and the sooner the music industry stops trying to flog a dead horse and finds a solution which accepts that for as long as they exist computers will be used for music sharing then the sooner the present mess will be sorted out.
Bleating about things being illegal wont stop people doing it - especially when there is no legal alternative.
What I am waiting for is the computer programmer who can turn his / her mind to something really useful, such as how to add a few zeroes to the balance on my savings account. OK the banks wont like it - but their earning interest on my money when they take 4 days to clear cheques, etc is as much theft as is music sharing.
3. Andy Wooles
This is not just a HR/IT issue; it is a Director-level issue. Breach of copyright involves personal director liability as well as corporate liability - it is exactly the same law as if the company is using unlicensed software.
P2P applications have no place in most businesses. Technology is available now to find those applications on the network and disable/delete them.
P2P and IM applications are not just major threats due to what they can bring into an organisation, but also what they allow out. Preventing the leak of confidential data out of organisations via software means such as email, P2P, IM, or hardware - floppy, CD and now USB memory devices is a major challenge to security and IT management. Securing the enterprise's intellectual property is a strategic management issue, whether you are a major NHS Trust with specific standards to meet, or an SME fighting for business.