Accellion blog has moved!

You should be automatically redirected in 6 seconds. If not, visit
and update your bookmarks.

Friday, August 18, 2006

Enterprise File Transfer Hurdles for BitTorrent and other Consumer oriented Technologies

Summary: BitTorrent is a hot new peer-to-peer technology for sending large files over the Internet. Teens use it to (often illegally) trade music and movies. Could the technology be harnessed for business users who want to send files to each other? If the current incarnation is any guide, the answer is a definite No because it poses great risks to your information assets.


With a glass of ice tea in hand, ACA Guy continues the musing on BitTorrent where he left off last week...


The way I see it, BitTorrent provides a very robust tool for consumer level digital proliferation. For example, for those niche, aka long tail, digital products, BitTorrent removes the burden of central administration of hosting a dedicated server to host file transfers, which was the standard operating procedure of the Web 1.0 yesteryear. What is cool about the BitTorrent technology is that there is no longer a throughput issue, even if the demand for the file transfer service grows. As a matter of fact, if demands grows, with the multiplying effects of "peers" (i.e., PCs) within "the swarm" (i.e., the network of participating PCs) to send "torrents" (i.e., pieces of your file), the performance benefit actually snowballs instead of drags. See this posting for a quick note on how BitTorrent works.

That is the good news.

But the question that ACA Guy is trying to answer is, does BitTorrent work within an enterprise file transfer context? The answer, to the best of my knowledge, is a resounding NO with the current incarnation.

Unlike the grandparents in Hoboken, New Jersey, who are anxious to see the latest pictures of their darling grandchild snapped by proud new parents in Palo Alto, California, enterprise usage has a lot more requirements beyond proliferation speed that are legally required and/or demanded by business users like you and me.

For example, since bits and pieces of the information travel through different peers, how does the enterprise ensure privacy protection? Similarly, would you let the company's confidential information, such as R&D results that have taken one year to compile, travel through some unknown peer computers? An analogy is to think of delivering your financial statements to your advisor down the street by passing parts of them through other neighbors’ houses. What is to prevent each neighbor from reading the pieces before delivering them to the intended recipient?

Furthermore, these peer computers may intentionally or accidentally tag on undesired payload in the transmission. It could be in the name of "national security" or a common place virus targeted at BitTorrent, but, as I have argued here, whatever the route, malware is still an unwanted payload.

It is with these reservations in mind that I read the Wall Street Journal columnist Walt Mossberg's review of Pando Networks's BitTorrent file transfer solution. In fairness, Pando is targeted to consumer usage and it seems to offer a new P2P perspective. At the same time, its implementation also points to the key fault lines between consumer and enterprise file transfer solutions.

The key difference between consumer and enterprise solutions for file transfer, beyond the minor privacy and security concerns noted above, are things like the ability to create detailed audit trails for review, the ability to configure a solution to meet specific process needs, and, for good or ill, the ability to monitor/prevent users from engaging in unwanted activities. Just like this comment from James Musto noted: firms have been telling users to NOT install P2P software for years. A BitTorrent-based solution is probably an even bigger no-no because it allows users to forward files whilst these files are being received.

I can already imagine the cry of agony if enterprise users were to start trafficking company information in BitTorrent.

People! Be nice (to IT)!


No comments: