Peer-to-Peer (P2P) networking has become a popular method for sharing files, music, photographs and other information. P2P allows computer users, utilizing the same P2P software, to connect with each other and directly access files from one another's hard drives.
Although the concept of file sharing seems benign, there are a number of risks associated with P2P.
Because the negative effects of P2P far outweigh any potential benefits, the best way to protect your computer/system is to avoid P2P technology
However, in the event of a documented business case for using P2P, make sure a thorough risk assessment is completed before employing this service. If a P2P file sharing network is the only solution for your needs, consider the following tips for use of this type of service:
Obtain Permission to Use P2P
Obtain explicit, written permission from your organization’s cyber security group or IT director before installing a P2P client or using P2P network file sharing on a corporate network or system.
Limit Use of P2P On a Corporate Network
Restrict access to those in your organization who have legitimate business needs for P2P file sharing
Obtain the P2P Software from a Legitimate Source
Obtain software only from known, legitimate and reputable sources.
Restrict P2P access to only those folders specifically identified for this purpose. When you install P2P client software and join a P2P network, check to see if there is a default folder for sharing, which is designated during the installation. If there is, limit file sharing only to this folder. The designated folder should contain only files that you want others on the P2P network to be able to view and download. Be careful not to designate the root "C:" drive as the shared files folder, which enables everyone on the P2P network to see and access virtually every file and folder on the entire hard drive.
It is important that you have protective security software (anti-virus and anti-spyware) running on your computer. This software should perform a virus scan on any file you download before you execute or open it. Make sure that the most current anti-virus software and virus definition updates are installed on your computer.
Scan your computer periodically with virus and spyware detection tools to ensure you haven't installed malicious code on your system.
Adhere to the Law (Copyright and others)
Know the laws. There may be legal ramifications from sharing and/or downloading certain files. Downloading illegal copies of files (i.e. music, movies, etc.), or downloading improper files on computers or networks, or sharing personal information may lead to legal consequences, such as prosecution, disciplinary action, as well as financial liability.