Second Life can reduce productivity and cause IT security risks in real life, warns an IT security software firm.
Sophos has announced that from March 22, the application control feature of Sophos Anti-Virus will be extended to give businesses the option to block workers from playing Second Life via company networks.
With more than four million registered users worldwide, many of whom regularly visit Second Life on their business PCs, Sophos is warning of the negative impact on staff productivity as well as the IT security risks posed by allowing employees to access this virtual world at work.
In a recent Sophos web poll of more than 450 system administrators, 90.4 per cent wanted the ability to block the unauthorised use of games at work, with 62 per cent indicating this was essential. In addition to placing unnecessary burdens on company bandwidth and wasting valuable business time, the use of web-based games such as Second Life is also opening up a new set of IT security threats.
The growing use of Web 2.0 is redefining how users interact with the internet and subsequently creating new avenues for cybercriminals seeking the easiest point of entry to the network, according to the software firm.
What they say
"Second Life is a hot topic on the internet, with people becoming hooked on their new virtual life and companies opening up virtual branches. IT departments are concerned that workers may be so keen to log on to Second Life and other virtual worlds that there will not only be a productivity hit but also a potential security issue," said Carole Theriault, senior security consultant at Sophos. "If users cannot be trusted to act responsibly on corporate computers, then system administrators will need to enforce policies through technology. For businesses operating in the real world, users playing online games can seriously impact on performance, drain network resources and put corporate data at risk."
The media buzz about the virtual world has already made Second Life a target for hackers trying to gain access to sensitive data to commit identity theft and for financial gain, the software firm adds. Last September, hackers stole a Second Life database containing passwords and login information about 650,000 players (see http://www.sophos.com/pressoffice/news/articles/2006/09/second-life.html). To defend against web-based threats, the IT firm recommends that businesses implement a consolidated security solution to protect all possible routes of infection to the corporate network, as well as controlling which websites and online applications can be accessed from work PCs.
Sophos claims that since it introduced application control ability to Sophos Anti-Virus in September 2006, it has given businesses the power to block games, VoIP, peer-to-peer (P2P), Instant Messaging (IM) and distributed computing applications. The technology integrates into Sophos Anti-Virus 6.0, providing users with a universal desktop client that addresses a diverse range of security and productivity challenges, it is claimed.
To listen to a Sophos podcast about how to control what applications your employees use on your network with Application Control: http://www.sophos.com/pressoffice/news/articles/2006/09/application-podcast.html
