Employees Open The Door To Hackers
Monday, 22 August 2005 18:06 EST
AppSense Systems Audit Results Expose Risks From End User Activity
DARESBURY, UK, 22nd August 2005– AppSense, a specialist in system performance and security, today revealed the results of analysis that sheds light on the causes of security, legal and performance issues plaguing enterprises. The findings of 160 Systems Audits from organisations in the public, financial services, healthcare and manufacturing sectors, highlight a concerning trend in the download of unauthorised executables that cause security breaches. Risks identified come from both intentional and unintentional breaches of security policies by end users. These include infection by hacking tools and illegal applications, which open the door for viruses, Spyware, Trojans and other malicious code as well as leading to system performance degradation.
The AppSense Systems Audits, run on non-AppSense customers in the first half of 2005, collected live data over a period of 1,600 working days recording what unauthorized applications were being run, how frequently and by which users. In addition they identified executable viruses, Trojans, Spyware and other malicious code that had made its way into these systems. The majority of unauthorized applications fell into the broad categories of games, plug-ins, screensavers and media players, demonstrating that although users are not being malicious in their intentions, they are inadvertently risking security breaches and system slowdowns with their actions.
“It is commonplace for employees to be responsible for approximately 80% of security incidents affecting organisations. This is primarily due to a lack of awareness and knowledge but also stems from intentional workarounds by users,” commented Simon Rust, Director of Technical Services at AppSense. “Getting the detailed information and tools required to identify the exact executables and users that are putting their systems at risk is the first step. The next is to create a layer of defence that acts as a solid barrier to any unknown executable and goes beyond the capabilities of anti-virus and intrusion prevention systems.”
Intentional policy breaches by users are also highlighted in the audit analysis, with multiple instances of employees running command prompts and setup executables. Command prompts can provide a route into the system that bypasses carefully planned policies setup by IT managers. In the wrong hands they enable users to view restricted data, browse off-limit drives and access potentially sensitive data.
From a legal perspective, the presence of setup executables normally identifies activity around the installation of illegal software applications. With software licensing models constantly changing and varying between software vendors, maintaining the accuracy of licensing payments is a hard enough challenge for IT managers, without employees taking matters into their own hands. In addition, the unauthorised installation of new applications can have a negative impact on the performance of critical business applications, particularly if they are CPU or memory intensive.
The AppSense Systems Audit is an on-site consultancy service that delivers the facts about the performance and running costs of IT environments. Available exclusively through AppSense certified solution partners, the service is designed to help IT decision-makers understand how to get more out of their existing systems and protect their resources and employees. The consultancy service identifies problem areas, quantifies the issues and reports on how they can be solved.
About AppSense Ltd.
Today organizations of all sizes are challenged with improving the efficiency and effectiveness of their IT infrastructure. The drive to improve system security, increase performance and reduce costs, are common goals. AppSense software has solved these problems for thousands of organizations and is installed on hundreds of thousands of desktops and servers across the world in organizations such as EDS, Alstom, HP, Deutsche Borse, National Blood Service, British Telecom, Home Shopping Network, Daimler Chrysler, CSC, BAA and the Federal Aviation Administration. AppSense solutions have been designed for servers and desktops which are based upon the Microsoft Windows platform and are ideal for Terminal Servers, Citrix MetaFrame Presentation Servers, Web Services and other critical business systems. AppSense operates through a world–wide channel of certified partners with offices throughout North America, EMEA and Asia Pacific. www.appsense.com
|
|
GFI LANguard Network Security Scanner - Is your network open to attack? Find out with the
#1 sold network security scanner: GFI LANguard Network Security Scanner! Download your FREE
trial version today.
Latest News
Hyperic HQ enhanced with code auditor
17.10.06 Hyperic, a multi-platform, open source IT management solution provider, has enhanced the security of its Hyperic HQ IT management platform with a comprehensive code audit, courtesy of Fortify Source Code Analysis.
Managing a Honeypot
17.10.06 It's no secret that many intruders choose their victims by scanning large chunks of addresses and searching for services vulnerable to existing tools and exploits.
Zombie Prevention Strategy for Service Providers
17.10.06 With billions of spam, virus and phishing messages being sent daily from hijacked PCs, messaging security company Cloudmark has launched an extensive effort to help service providers detect, remediate and prevent attacks from computer zombies.
Truphone launches mobile VoIP service
17.10.06 Truphone has announced a beta version of its free VoIP download for Nokia Wi-Fi-enabled N80 mobile handset.
UK approves biometrics
17.10.06 The UK public is now overwhelmingly in favour of wider biometrics use.
Mobile VPN support for Nokia Series 60
16.10.06 AppGate Network Security, a provider of network security solutions, has announced Mobile VPN support for Nokia Series 60 3rd edition mobile phones including the E61 and N70.
Microsoft opens Vista code for security firms
16.10.06 Microsoft says it will share parts of its Vista code to security software firms to enable their products to work smoothly with its Vista operating system.
SafeNet Sentinel Hardware Keys for Linux
16.10.06 SafeNet has announced the release of Sentinel Hardware Keys for Linux platforms, allowing software developers in the Linux community to protect 32-bit software applications from piracy and implement flexible licensing models.
|
|
