The Respect of Your Peers? Peer-to-peer computing is coming, But is it good for your company?

Back before Napster's legal morass, the ultrahip Web music provider's ability to attract tens of millions of MP3 file-swappers virtually overnight caught everyone's attention-and led to dozens of copycat peer-to-peer networks. Indeed, P2P networking among individuals is supposed to be the proverbial new computing paradigm. Some have gone so far as to deem 2001 "The Year of the Peer."

If so, that's not necessarily a good thing. There's a chance your company could get served a heaping helping of P2P before the concept is fully cooked. So? That's how streaming video, biometrics and most new technologies come to fruition, isn't it? True, but the acronym "P2P" doesn't refer to only a technology. It's also a socio-economic philosophy that's best summed up as "What's yours is all of ours."

The last time we checked, you're all about making money and holding down costs. With those priorities in mind, you should take a careful look at P2P before inviting it onto your network. It still has three major shortcomings that could drain your company's IT support and networking budgets-or worse:

1) Lack of common programming standards and protocols,
2) Lack of security, and
3) Lack of respect for people's private property.

The first problem will get worked out-probably long after the current trickle of P2P applications becomes a flood. Security is likely to be a problem, resulting in higher costs overall and the occasional expensive disaster. But that last problem, that's the tough one. It arises from our changing social mores and isn't likely to be helped by bestowing an identifiable address on every PC-or, in the P2P vision, on every file on every PC.

With Friends Like These . . .

Yes, the unused processor cycles of the 100 million or socomputers hanging off the Internet is a wonderful untappedresource. Yes, bizarre projects like SETI@Home (Search forExtraterrestrial Intelligence at Home) demonstrate that unusedprocessor time can be harnessed for the most ambitious tasks. Butwho owns those unused processor cycles? Apparently, the answer fromthe most ardent P2P enthusiasts is: The People.

Voluntary communal projects like SETI have little impact on yourcompany. The stakes get higher as we pass through your firewall andtake a peek at some of the things your employees might already bedoing on your company network. Research company Computer Economicsvice president of research Michael Erbschloe reports that personalactivities, such as online banking, recreational Web browsing andMP3 file-swapping, can consume as much as 25 percent of a companynetwork's capacity today.

Gartner Inc. research director Rob Batchelder puts that figurebelow 20 percent as a rule. Either way, monitoring or policingunauthorized Web use in a 100-person company requires the fullattention of approximately one IT staffer, suggests Erbschloe.

That's today. Now let's imagine a future in which staffmembers swap not just music files, but also your network's datafiles and executables with others on a large scale. That'sexactly what some segments of the P2P glee club envision-givingyour employees the unfettered right to share your company data andother material with whomever they deem appropriate.

To get a feel for this mode of thinking, read any of the reportsor editorials from the recent P2P Conference held by technologyportal The O'ReillyNetwork. "You hate the IT department, and they hate youright back," writes Clay Shirky, a partner in the investmentfirm Accelerator Group. "The mutual enmity between the averageIT department and the average end user is the key feature drivingP2P adoption in the business setting."

Batchelder insists these attitudes are foreign to the for-profitsegment of the P2P community-the ones who want to bring products inthrough your front door. P2P start-ups like Groove Networks andXDegrees have real, live business plans with cash-flow models andstrategies to address enterprise security, network load managementand other IT concerns. But they exist alongside people who areintent on bringing Napster clones in through your back door-andhave a resonance with the public. The majority of Internet usersrecently surveyed by the Consumer Electronics Association said theyshould be able to download online content for free. And a veryvocal segment of the P2P community wants to take the locks off thedoors and see what happens.

Back to Business

Batchelder believes the attitudes of legitimate marketstakeholders are likely to prevail-at least for business products.Companies like XDegrees envision something like virtual privatenetworks extended to audiences outside the firewall. CEO MichaelTanne, whose P2P application-development server should ship thissummer, is going to great lengths to ensure security.

But like all PC locks, his system will only be as effective asits least conscientious user. No one is more thrilled by thepossibilities of P2P than hackers, who live to uncover human error.P2P complicates security issues by orders of magnitude, says RobClyde, vice president and chief technologist at Symantec Corp., andgreatly increases the potential for mistakes.

Security experts are unanimous that a key element of network anddesktop defense is to simply not be visible to Internet prowlers.Once you've invited a hacker through an open PC port and ontoyour hard drive, it's a whole different ballgame, saysClyde.

Hackers were the first to write P2P applications. They'recalled Trojan horses, and P2P networks like Napster and ICQ aretheir preferred channels of distribution, says Jim Weaver, 45,owner of Cyber Resources, a Crestview, Florida, security consultingfirm.

Based on the fact that the best and brightest of SiliconValley-right up to Intel itself-are all worked up about P2P,there's a certain inevitability to it. But don't forgetabout the vampires out there. The Internet is dangerous enoughoutside your firewall. But, as anyone who has ever seen a vampiremovie knows, your troubles really begin once you invite one in overyour threshold.

It's 2 a.m. Wednesday morning. Do you have any way ofknowing whom your always-connected computers are talking to?

Mike Hogan is Entrepreneur's technology editor.You can e-mail him at mhogan@entrepreneur.com.