The,Right,Controls,the,Place,l computer The Right Controls in the Right Place
----------------------------------------------------------Permission is granted for the below article to forward,reprint, distribute, use for ezine, newsletter, website,offer as free bonus or part of a product for sale as longas no changes a Gone are those times when the companies and the organisations didn't need a hi-tech system to handle them. Owing to the considerable increase in the business sector and thus, an enormous increase in the complexity of the organisational struc
As of late the American media has been afire about someimportant data leakage events that appear to have occurred within the DefenseDepartment and it contractors in the February time frame.Blueprints and othersecret information on the Joint Strike Fighter and the Presidents personalhelicopter Marine One were leaked through P2P networks.Congressman EdolphusTowns sent a letter about the incident (PDF) to the Attorney General expressinghis concerns about the use of LimeWire and other P2P applications by governmentemployees and contractors.Much of the media reaction has been the traditionalresponse to these types of events.Firewalls need to be reinforced and Why dothese users have permissions to install such dangerous applications on theirdesktops?.I prefer to look at the problem a slightly different way.Firstly,more and more applications in this mobile Internet, highly social age havedefined themselves by simply working.To work simply means these applications donot expect home users, nor office drones to have the ability to adjust firewallrules to make their sharing application or VOIP program work.The designers ofthese applications for better or for worse have found creative, andoccasionally subversive methods to defeat our best defenses.They mimic webbrowsing, FTP, and a whole host of other applications in their attempts at gettingout.Secondly, most of the IT world is unfortunately running a host of legacyapplications, often requiring that administrative rights be granted to allusers.Recently Microsoft has begun implementing controls to draw attention tothe use of these rights, as well as informing the end user of the potentialdanger of their actions.Of course, we all become numb to it after awhile, andstart blindly clicking Accept like trained rats.Even if all this were possible,many applications need not be installed to run.Most users favorite dangerousapplications are available in the portable flavor.Portable Firefox, PortableSkype, etc.are not difficult to find and are freely available without requiringany administrative rights.Which ultimately brings me to the point You canttrust your users to be your trusted partner in protecting the desktopYour usersarent (usually) being malicious; they simply dont see it the way we do, norunderstand the risks involved in ignoring our guidance.One approach we havetaken at Sophos is to introduce the concept of Application Control.Thistechnology allows IT administrators to load virus-like identities from Sophosthat define legitimate applications that you do not want to run on yournetwork.By using the anti-virus product in this manner we can identify versionsof Firefox, Skype, LimeWire, Kazaa, etc before they are ever published.Legitimateapplications do not try to obfuscate themselves the same way as actual malware,making them much easier to detect reactively or pro-actively.Helping users dothe right thing in the simplest way possible should be in all of our bestinterests.Because this is an article entry, and not a novel, I will stop now.Perhapsnext time I will have the opportunity to talk about properly protecting thisdata in the first place, so it cannot be leaked in its naked glory.
The,Right,Controls,the,Place,l