Many employees process sensitive business information on home computers. Many more store sensitive information on laptops. The proliferation of file sharing, especially music files, through a process known as peer-to-peer (P2P) sharing, has lead to a situation where sensitive corporate information is stored on PCs and laptops which also have P2P software installed, allowing for the inadvertent compromise of sensitive data, and possible exposure to lawsuits, fines or reputational damage.
This is an area of business risk exposure which is largely unchecked in most companies, since there is usually no single person who is responsible for ensuring that sensitive company data does not reside on PCs or laptops alongside P2P software.
A recent report by the Center for Digital Studies, Dartmouth College, USA, draws attention to this problem. The report, which should be essential reading for all who are serious and professional about their commitment to information security, can be downloaded from:
http://weis2007.econinfosec.org/papers/43.pdf