• A new channel for data leakage/breaches?

    15 Dec 2008

    I just had a flashforward moment a minute ago. I was dragging and dropping a file on my Windows desktop and it “landed” on the Skype window I had open. It didn’t do anything because I caught it in time but I thought: Oh no! What if I accidentally transmitted a file to someone in my phonebook? Perhaps someone that didn’t need to see that file.

    But then I thought – nah you couldn’t do something like that. Maybe in applications down the road. Well, sure enough you can – today! I tested it again and it works. It’s like dropping a piece of jewelry down a well that ends up on the other side of the earth… but it could be much worse. You send a file to someone over Skype (or whatever) that they shouldn’t see – and you can’t get it back.

    Keep this in mind when training your users about the security issues associated with P2P/IM/Social Network/whatever applications. I know, you don’t allow those apps. But they’re using them anyway! Seriously, this could be an exposure waiting to happen and would be a tough one to explain.