Enhancing strict control over employee software installations can help companies improve their cybersecurity posture.
The majority of cybersecurity incidents share a common cause: end-users installing or running programs that are not managed or approved by network administrators. Most cyber attacks occur due to users inadvertently installing malware (malware refers to software that disrupts application functionality, attempting to hide and evade detection by anti-spyware, antivirus, and system utilities), including many programs that are very dangerous and can be attacked immediately upon installation, such as viruses, worms, Trojans, and spyware.
Meanwhile, there are many other programs that may initially be very useful but later facilitate other forms of security attacks. It can be said that any software installation action, whether it’s Skype, Java, RealPlayer, Firefox, QuickTime, iTunes, or even antivirus software, increases the risk of attack. For instance, if a company allows its employees to install Macromedia Flash tools, the computer systems could be attacked by malicious Flash control codes. Additionally, installing quick search toolbars or Google desktop search can put sensitive information at risk of being accessed. Even when a company permits employees to use personal CDs on company computers, the risk of malware infiltration is high.
Therefore, what companies need to do to minimize cybersecurity vulnerabilities is: Control the software that employees install and use; identify what browser add-ons are running on machines and which ActiveX controls are installed (ActiveX controls are standard systems used to build components in the Windows environment); IT professionals must maintain the highest level of control and grant installation permissions. Of course, these measures are often thought to be time-consuming and costly, but in reality, they pale in comparison to the time and money companies must spend fighting malware, viruses, worms, Trojans, spam, and other forms of attacks.
Although, in practice, achieving 100% control over what employees install or download from the Internet is nearly impossible, companies can still manage computer security risks by developing a control plan based on the following considerations:
– Establish and educate employees about the company’s software installation policy, ensuring they understand that software they intend to install needs to be approved by an administrator.
– Advise employees on which types of software to avoid installing, helping them understand that any software carries inherent risks, whether direct or indirect, to cybersecurity.
– Implement a mechanism that allows administrators to know what programs employees are running on their computers. If the company cannot control installations, it must at least be aware of what programs employees are actively using.
– Develop a process to ensure that new applications are installed safely; for instance, the company may wish to eliminate certain file-sharing or peer-to-peer software applications.
– Ensure the activation of automatic updates, if available, for software. However, one should not fully rely on this feature, as some new software versions may not effectively eliminate older, vulnerable codes, such as the newer versions of Adobe Acrobat or Java from Sun Microsystems.
– Remove all high-security-risk programs while penalizing employees who repeatedly install unauthorized software.
– Establish a method to monitor content layers to prevent unauthorized protocols from infiltrating the computer systems during application installations.
– Raise administrators’ awareness of new programs and require them to report any newly discovered risks to the IT Manager for analysis and timely action.
One thing is certain: office employees will continue to install and download more software, and thus the threat to cybersecurity will become increasingly unpredictable. What we can do is control what has been installed and is running on managed computers.
Bá Lâm
