Study: Employees are crafty and persistent
by Celine Roque
Once again, when it comes to office Internet access, employees prove the old saying that “where there’s a will, there’s a way.” Even with expensive enterprise security features in place, office workers inevitably circumvent them using proxies, encrypted tunnels, and remote desktop access applications. This is according to Palo Alto Networks’ research covering nearly 900,000 users on 60 large corporate networks.
Peer-to-peer programs were found on 92% of these networks (BitTorrent and Gnutella the most common among them). Browser-based file-sharing and cloud-storage tools (like MegaUpload and YouSendIt) were also seen on 76% of the networks observed. Some web apps are also being used, and while they are helpful to those who need to do off-site work, Palo Alto Networks says they are questionable in terms of security compliance and therefore pose a risk.
Another negative effect of these unwanted applications is that they gobble up a huge amount of bandwidth. The report found that 51% of the bandwidth being consumed by companies was due to 28% of the apps used, a majority of them consumer-oriented (media, social networking, P2P and browser-based file sharing, web-browsing and toolbars).
Today’s applications were designed to be highly accessible, and so they navigate corporate firewalls easily (or would, with a little help from office techies). It’s difficult to block them permanently, because users quickly adapt to barriers. Palo Alto Networks recommends filtering traffic by application type, content and user, as opposed to the traditional way of blocking ports, protocols and IP addresses. This strategy may be more effective, but perhaps it will only be a matter of time before it gets cracked as well.
An alternative would be to understand the reasons behind the popularity of these rogue apps. Needs drive demand. Some of them, such as cloud storage tools, may have legitimate business uses. In this case, companies may opt to provide their employees with a suitable substitute that complies with their security standards. They might also want to work with the developers of popular apps to ensure compliance, and perhaps make some tweaks to their own networks. Completely eliminating insecure activities on corporate networks may be a tall order, but minimizing them is definitely not impossible.



