In the world of enterprise I.T., everything is a security risk: your insecure password, an unexpected email attachment, a careless web surfer clicking through to a malicious URL, or the unapproved software you installed on your computer. Today’s I.T. has plenty of tools to handle most of these threats, ranging from firewalls and spam filters to malware-fighting software and application control mechanisms. Soon it will have something more: a new Application Control Engine that specifically goes after and shuts down Web 2.0 apps and social network widgets.
Introducing ACE: A Tool to Shut Down Web 2.0
A company called FaceTime Communications, based in Belmont, California, recently introduced a new inspection and classification technology called “ACE,” which simply stands for Application Control Engine. This patented security technology is capable of scanning a network and identifying more than 1,400 Web 2.0 applications and more than 50,000 social network widgets distributed by sites like Facebook, MySpace, and Orkut.
Scanning for rogue applications on the network is nothing new for I.T., but what’s interesting about FaceTime’s ACE technology is its focus on scanning for the technologies that often fly under I.T.’s radar: web apps.
The Danger of Web 2.0 Behind the Firewall
As we’ve mentioned before, I.T.’s failure to adapt to the changing needs of their user base, now younger and more digitally savvy than ever before, has led to a lot of self-provisioning of the easy-to-use applications found on the web. These tools can include anything from Facebook groups to standalone apps like the SharePoint-lite team pages found on Google Sites.
Of course, when users become their own I.T. department, they’re unknowingly introducing inherent risks into the previously hardened network infrastructure. Just because a web app is easy to operate doesn’t make it safe and secure for enterprise use. As users upload and share sensitive files through these unapproved backchannels or have business-related conversations through web-based IM chatrooms, they might not only be putting their company’s data at risk, they could also be breaking various compliance laws.
The Difficulty of Monitoring Web Apps in the Enterprise
For I.T., the challenge is keeping up with the barrage of new web apps out there and shutting down those that present a threat. In an independent study commissioned by FaceTime Communications, 62% of I.T. respondents said that there were eight or more Internet applications installed on their enterprise networks – a 300% increase over the first study conducted in 2005. More importantly, the respondents noted that about one-third of their users downloaded the applications they wanted to use – regardless of company policy. Those apps were a mix of apps for business and those used for personal reasons.
I.T. has traditionally struggled to shut down many of today’s web applications because they are not all strictly browser-based. Knowing that their adoption rate is dependent on behind-the-back installs on company desktops, many of the apps make sure they can’t be blocked by a URL signature. The apps may also masquerade as HTTP, FTP, SMTP and Telnet traffic while exhibiting evasive techniques that help them penetrate the company firewall and escape detection by the current crop of Unified Threat Management systems.
With FaceTime’s ACE, though, more than 1,400 of these web applications can be identified and even more social networking widgets can be isolated, too. Those apps can be discovered and shut down regardless of the port, protocol, or evasive technique they use. In addition, the ACE software development kit (SDK) lets third-party solution providers extend their offerings in order to help their customers manage instant messaging, peer-to-peer file sharing, social networking, Web 2.0, voice-over-IP, anonymizers, IPTV, multimedia, games, virtual worlds, and unified communications.
What This Means for Enterprise 2.0
If FaceTime’s ACE or other similar technologies become a mainstay in the enterprise I.T. toolkit, the explosion of Web 2.0 for business use, a trend typically called Enterprise 2.0, may be dealt quite a blow. The only Enterprise 2.0 apps that will succeed given that scenario will be the ones that worked with the I.T. admins from the very beginning to assure them of their safety. The apps reliant on a slew of the company’s rule-breaking users for adoption, however, will be out of luck. Perhaps being sneaky may not have been a great business model after all.