“A study of 1,000 UK employees carried out by YouGov in 2006, revealed that 60% of users accessed personal web and email applications from corporate endpoints at least once a week. Unless carefully managed, these applications can expose the corporate network to malware infection, eating up available bandwidth and increasing the risk of running software targeted at stealing customer, product or financial data. In addition, the proliferation in low cost, high capacity USB devices, particularly those that can launch applications directly from the device, are creating an additional headache for IT managers.
Compliance is front of mind for most IT managers and software asset management forms a core part of this. A recent IDC survey found that 27 per cent of PC software used in the UK is illegal. However, in this age of consolidation, connectivity and mobility, IT environments are constantly changing, so companies have difficulty keeping track of exactly what software employees are using. An increase in applications, coupled with complex licence arrangements are making it more difficult for IT chiefs to maintain correct licencing. So how do IT managers get a handle on the issue?
Some have taken on a bouncer mentality, stripping staff of user privileges and effectively putting them on lock down when it comes to downloading files from outside the firewall or using USB devices, to prevent unauthorised software from running. This has created frustration among workers that have become accustomed to a plug and play lifestyle, causing some to flout security policy just to be able to get on with the job.
Life could be so much easier if we turned the problem on its head. Instead of trying to list every executable file that could fall foul of regulations, infect your network, or leak data from it, why not employ end point security software that only permits authorised and legal applications and devices to run?
At the heart of this whitelisting best practice is the justified assumption that anything not specifically authorised by the IT manager must therefore be regarded as potentially illegal or harmful. Just like a good doorman with a guestlist, if your application or device isn´t down, it doesn´t join the party. So if a new virus starts doing the rounds, it will simply not be able to run. Likewise, if you are concerned that staff are using up bandwidth playing with Google Earth, or if you´re worried that the version of Windows being run in Marketing isn´t strictly legal, this whitelist approach will put a stop to this.
By employing the whitelist approach, IT managers can sleep at night knowing that nothing can run on their networks without their specific authorisation. As well as protecting against the known and future security threats, this also helps IT ensure that no unlicenced or bandwidth-hungry applications are being downloaded and run on the company network.
Illegal, unproductive or unlicensed software would not be able to run. If such a solution could also audit and report on what was running and automatically repopulate the whitelist whenever a patch update is undertaken, you could ensure you were running secure, licenced software throughout the organisation. Whitelisting end point security software should now be seen as not only the new frontline defence against all malware, but also an effective route to ensuring software asset compliance. This enables IT managers to take full advantage of connectivity and mobility, without risking the business.