Security of search engines in the corporate environment
Joint research by InfoWatch and the IT security information portal SecurityLab.ru
Introduction
Information technology (IT) is becoming ever more deeply embedded in the business of practically every organization. This is accompanied by almost exponential growth in the volume of corporate information accumulated in the company's local area networks. As a result, the problem of fast and convenient access to documents distributed across the numerous servers and workstations of the intranet comes to the fore. The efficiency of the entire business can depend on solving this problem effectively, since the time employees spend searching for the document they need hurts labour productivity and amounts to company money thrown to the wind.
Today there are many tools on the market intended to simplify access to documents distributed across a corporate network. These products make it possible to quickly find practically any information used in modern business: text documents, e-mail messages, the browser cache, image files, and so on. The best-known suppliers of corporate search engines on the Russian market are Google, Yahoo and Yandex. Meanwhile, press reports may give the impression that using these tools in the corporate environment is dangerous. The point is that from time to time organizations suffer serious leaks of confidential or private information, and this is a consequence of the (possibly incorrect) use of corporate search engines. Thus, business representatives face information security threats that result from the use of search tools. Some examples from practice:
* At the end of 2004, immediately after Google Desktop was presented to the public, reports appeared that this local search tool indexes absolutely all e-mail messages on a personal computer and thus makes it possible to bypass the mailbox passwords set in e-mail clients. As a result, companies specializing in security systems hastened to declare Google Desktop a potentially dangerous program.
* It quickly became clear that the search engines of practically all suppliers index absolutely all data (in the formats they support) located on workstations. At times, using these tools gives access, in plaintext, even to documents that are stored on the hard disk in encrypted form. This is obviously a vulnerability of the cryptographic tools, which did not remove the original files after encryption. Nevertheless, developers of cryptographic products hastened to blame the search engines.
* In November 2005, a vulnerability was discovered in the corporate search engine Google Mini, and the company urgently released a patch to eliminate it. Exploiting the gap could lead to arbitrary execution of scripts or HTML code on a remote computer.
* In December 2005, a vulnerability was discovered in Internet Explorer that allowed access to a user's information through Google Desktop 2. Microsoft promised to release a patch in the near future, and Google representatives stated that the gap found is a browser vulnerability, so the search engine has nothing to do with it.
* In February 2006, Gartner issued a report noting the danger of new functionality in Google Desktop 3 that lets users search for information across several computers. The essence of the problem is that a copy of all the data is stored on Google servers for 30 days. Gartner analysts emphasized that the mere transfer of information beyond the limits of the enterprise is an unacceptable risk for many companies. In addition, moving information to external servers immediately raises the question of who else will gain access to it. In response, Google acknowledged that the new function can pose a great danger to enterprises, but noted that responsibility for security lies with users and that the function can be switched off.
This research is the first Russian project aimed at studying the problem of safe use of search engines in the corporate environment. Its purpose is to identify the fears of corporate users about the use of search tools, and to study the risks that accompany the use of search engines in companies.
General conclusions
* The most dangerous threat arising from the use of search engines in the corporate environment is leakage of confidential information (48.9%). The danger rating of this threat is well ahead of all the others. InfoWatch experts consider the respondents' fears fully justified.
* Only a small share of respondents (19.3%) consider search engines completely safe. This best illustrates the tension that has built up among business representatives who already use corporate search engines or are only planning to introduce them.
* Almost half of respondents (45.3%) are convinced that the threats accompanying the use of corporate search engines arise from the human factor. In the opinion of InfoWatch analysts, the use of search engines does indeed accentuate the insider problem.
* Slightly more than half of respondents (54.2%) consider the increased information security risks an obstacle to the introduction of corporate search engines. The opposite point of view is held by 45.8%. However, 70.6% of respondents from both groups are not entirely sure of their answer.
Research methodology
The research was conducted from 6 June to 6 July 2006. A total of 1537 respondents took part in the collection of primary statistical data by filling in online questionnaires on the SecurityLab.ru site. The survey questions and the research results were prepared by the InfoWatch analytical center. The figures given below are rounded to a tenth of a percent. In some cases the shares of answers sum to more than 100% because of multiple-choice questions.
Respondent profile
Fig. 1 shows the respondents' profile by occupation. The largest share of the employees surveyed work as system administrators (37.7%), followed by users (27.9%) and programmers (20.8%). The smallest group of respondents is information security specialists (13.6%). Thus, the research involved employees who are fairly competent in IT, the overwhelming majority of whom (72.1%) have highly professional knowledge in this area.
Respondent preferences
Fig. 2 shows the best-known suppliers of corporate search engines on the Russian market and their distribution across the respondent base. The most popular search tools turned out to be products from Google (Google Desktop, Google Desktop for Enterprises, Google Mini, Google Server Appliance, etc.). Almost half of those surveyed (46%) use these solutions. The Yandex search engine (Yandex Personal Search, etc.) is less widespread: 38.4% of respondents named this product. In third place are the search tools from Yahoo (Yahoo Desktop Search, etc.), chosen by 1.6% of the employees surveyed. Note also that a certain share of respondents (14%) use other search engines.
Security of search engines
The most important part of the research was the group of questions on the information security threats that accompany the use of search engines in the corporate environment. First of all, respondents were asked to share their fears and to name the new risks that arise in the organization in connection with the use of specialized search products (see fig. 3). As it turned out, employees are most concerned about the threat of confidential information leakage (48.9%). In other words, practically half of respondents are sure that the use of search tools will lead to classified commercial information ending up outside the company's intranet.
About four respondents in ten (39.8%) consider that the use of corporate search engines is fraught with the penetration of malicious programs into the organization's IT infrastructure. Slightly fewer of the specialists surveyed are sure that another accompanying risk is the threat of unauthorized access (35.3%). Finally, practically every fourth respondent (24.6%) fears data loss as a result of introducing search products in the company, and almost every fifth (19.3%) is confident in the security of these systems. Note also that a small group (15%) of the employees surveyed believe that search engines harbour other threats besides those listed above.
In the opinion of the InfoWatch analytical center, the respondents' concern about the risk of confidential information leakage is fully justified. Search engines considerably simplify staff access to commercial data, and in the overwhelming majority of cases this access is fully authorized. Thus, if an insider tries to "leak" the employer's trade or technological secrets to a third party, he does not need to find out where all this information is stored: the insider has at his disposal a powerful search tool that finds the required document in a few seconds. In addition, in the opinion of InfoWatch experts, the use of search engines raises the risk of accidental (inadvertent) leakage of sensitive data. The level of this threat is higher because it is now much easier for a conscientious employee to make a mistake by mixing up confidential and public files. This can happen when the employee searches on a keyword that occurs both in a restricted and in an open document, and also when the employee leaks a document whose confidential nature he is simply unaware of.
Meanwhile, the SecurityLab.ru expert panel was somewhat surprised that the threat of malicious code penetration took second place among the respondents' answers. The specialists' concern about the other risks (leakage of confidential information, unauthorized access, data loss) is quite understandable and explicable, since all of them are prompted by incidents that have already occurred. For example, a vulnerability in a browser potentially allowed a hacker to gain unauthorized access to information and to steal or destroy it. However, not even a proof of concept has yet been created for worms that could penetrate a computer through a gap in a search engine.
Moreover, nothing indicates that such proofs of concept will appear in the near future, since that would require the search engines of some single supplier to enjoy extremely wide popularity among users, and, as this research shows, that is not the case. Nevertheless, SecurityLab.ru analysts find an explanation for the respondents' fears. Malicious code is one of the most dangerous information security threats, alongside leakage of confidential information. So employees, who are constantly under pressure from the mass media and suppliers of anti-virus solutions, could have included this threat "just in case".
In the next question, InfoWatch analysts asked respondents to indicate the sources of the information security threats arising from the use of corporate search engines (see fig. 4). This question is no less important than the previous one, since an increase in information security risks after a new product appears in the corporate network is not necessarily a consequence of a vulnerability in the product being introduced. And so it turned out: almost half of respondents (45.3%) are sure that new threats arise as a result of the human factor. Indeed, quite often employees simply do not know how to use search engines in line with strict security requirements. The next most popular answer was vulnerabilities in the software environment of the search engine, which received the votes of 26.1% of respondents. It is hard to disagree with this opinion too, since the examples given in the introduction show that information security incidents arise, among other things, because of gaps in the browser, cryptographic tools, e-mail clients, and so on. Finally, vulnerabilities in the search engines themselves close the top three sources of information security risks. However, this answer accounted for only 9.3% of respondents. In other words, the employees surveyed realize that search engines, like any other software, can contain errors and gaps, but in practice the human factor and vulnerabilities in the software environment lead to information security incidents far more often. Note also that 19.3% of respondents indicated that there are no threats arising from the use of corporate search engines. This is the same group that chose the corresponding option when answering the previous question.
Werewolves in white collars
"We must clearly understand that if confidential documents get into the general index of the search engine, the only thing that can prevent a leak is a system of active monitoring of all communication channels. If the organization does not control e-mail, the Internet, USB flash drives, printers and other channels, commercial secrets will flow out of such a company faster than the boss can blink an eye. Moreover, for a leak to take place it is enough to leave even one of the channels mentioned above uncontrolled. I should also say that search engines have nothing to do with it. They only make access to restricted data easier: an insider can find the confidential document he needs much faster. However, even without a corporate search engine the insider will manage all the same. It will simply take a little more time. Thus, if a system of protection against leaks and insiders is deployed in the organization, search tools can be introduced safely without fear of the human factor or werewolves in white collars. If there is no protection system, search engines will only speed up the leakage of the company's trade secrets," comments Denis Zenkin, marketing director of InfoWatch.
Betting on Yandex
The emergence of personal search engines has confronted many commercial organizations with a hard choice. On the one hand, there is an appreciable economic gain from the enormous savings in working time spent searching for the files needed: over a year, every office employee of the company searches his computer and the organization's internal network for thousands of different documents (old letters, forms, standard reports) and spends many hundreds of working hours on such searches. On the other hand, the question of security arises sharply, since the indexed "concentrate" of the company's information is in any case an extremely tempting morsel for a potential attacker. And the idea of passing this confidential data "outside", where through the carelessness of one of the users it may include completely confidential information, to be stored on the foreign servers of Google, a company that does not hide its close ties with the American special services, completely rules out the use of Google personal search engines for many companies. As a fairly good compromise one can point to the solution from Yandex, in which the index files are stored on a computer of your choosing and do not leave the organization. In any case, however, these index files must be protected no less carefully than a list of passwords.
- Alexander Antipov, head of SecurityLab.ru.
Summing up all the respondents' answers, business representatives can comfortably use corporate search engines if the information security policy adopted in the company provides for protection of confidential information, leak prevention, and monitoring of insider activity. Note that such an effective information security policy should exist in every large organization, since the risk of trade secret leakage is high wherever such secrets exist and is in no way tied to search tools. If the enterprise has no adequate information security policy and does not use corresponding means of protection against leaks and insiders, corporate search tools will only aggravate the situation by giving werewolves in white collars a convenient way of quickly accessing the information they need.
The security factor of search engines
In the last question of the research, InfoWatch analysts asked respondents to show how much importance they attach to the security factor of corporate search engines (fig. 5). As it turned out, slightly less than half of the employees surveyed (45.8%) believe that the information security threats accompanying the use of search engines in the IT infrastructure are an obstacle to the introduction of these products. However, more than half of respondents (54.2%) hold the opposite opinion.
It is also worth noting the large group of respondents who are not sure of their answer. The option "Rather yes than no" was chosen by 32.3% of those answering, and the answer "Rather no than yes" was given by 38.3% of respondents. In other words, these 70.6% of the employees surveyed cannot say precisely how the security factor affects the decision to introduce corporate search engines.
Conclusion
So, the most dangerous threat arising from the use of search engines in the corporate environment is leakage of confidential information (48.9%). As InfoWatch experts point out, the respondents' fears have quite rational grounds, since search engines considerably simplify access to corporate secrets and hence raise the risk of leakage. Respondents named the risk of malicious program penetration (39.8%) as the next most dangerous threat. This answer can hardly be considered objectively substantiated. In the opinion of SecurityLab.ru experts, the choice of this option is dictated by the constant pressure of the mass media and anti-virus suppliers on the audience. As a result, respondents chose the virus threat "just in case".
At the same time, only a small share of respondents (19.3%) consider search engines completely safe. In other words, business representatives are genuinely beset by doubts about how protected the IT infrastructure can be considered after a corporate search engine has been introduced into it. Almost half of respondents (45.3%) are convinced that the threats accompanying the use of corporate search engines arise from the human factor. Another popular answer was gaps in the software environment (26.1%), for example the operating system, cryptographic utilities, etc. In the opinion of InfoWatch analysts, the use of search engines does indeed accentuate the insider problem. However, if a system of protection against leaks and insiders has already been deployed in the company, it has nothing to fear: search engines will not lead to a leak either as a result of accidental actions of the personnel or through malicious activity.
Slightly more than half of respondents (54.2%) consider the increased information security risks an obstacle to the introduction of corporate search engines. The opposite point of view is held by 45.8%. Thus, the security factor has a fairly serious influence on the decision to introduce a search engine into the company's IT infrastructure.
