How can SAM improve IT security?
Nowadays, IT security matters are sufficiently important to pay special attention to – it is not an accident than mass media provides information on new cyber-criminals, malware and various scandals due to information leakage time after time.
At the very first moment, IT security and software asset management (SAM) do not seem to be closely related concepts, however, persons, who are responsible for the software asset management, as well as the management tools may provide a lot of useful information, thus, helping to find possible “holes” in security and weak points in the IT infrastructure.
Arbitrarily installed, unauthorized software in the computer net may cause a number of financial, productivity and security risks.
Depending on the level of software asset management within the organization, software may be considered unauthorized in the following cases:
- Software may perform sabotage within a company’s computer network and/or is included in the “black list” of the IT department, for example, file exchange, “torrent”, spying software;
- Software is not included in a standard software package, issued to the user together with the computer upon commencement of employment relationships; Software has been installed without appropriate licence and permit from the IT department or the direct superior. Usually, such a software is being arbitrarily downloaded and installed by using the administrator rights available to the user Employee has taken the software from home and installed on the computer. Software, the use of which in companies’ computers is forbidden according to the conditions for use, might be set as an example;
- Software is not related to the company’s business goals, for example, computer programmes for playing poker game online.
These are the situations frequently faced by company’s IT manager or the person, who is in charge of the software maintenance and provision of licences within the company. The compiled “black list” or the list including names of the software, which is potentially undesirable and harmful to the IT environment or business goals is frequently a decisive factor in detection of unauthorized software. Compilation and maintenance of such a list is a challenge for everyone, who has worked in the IT administrative function at least once in the lifetime. Significant roles are played by various software and computer monitoring tools, which are useful for centralized access to data, analysis thereof and constant following to the changes of software. Control tools, which are intended for the management of especially adjusted software, for example, SNOW Software, usually offers compilation of “black lists” right in the tool itself and following thereto in real time to find the computers and users, which are using (have installed) unauthorized software.
The best solution, of course, is installation of anti-virus and security software in each computer.
However, has the latest anti-virus software version been installed in all computers?
To make sure of this, software asset management or inventory solutions, which are able to show the latest updates of software installed in the company’s computer systems, may be useful, thus finding and “catching” the computers, which have not been installed anti-virus client, for example, by compiling lists of “must have” software, including anti-virus, which must be installed in computers. It is also important to find the computers with outdated anti-virus client software. For example, if a company has been using ESET as the basic anti-virus for several years, versions like ESET Antivirus 4.0, ESET Antivirus 5.0 [..], up to the latest Antivirus 9.0 version may be found in computers. Usually, variety of anti-virus clients can be explained by the fact that anti-virus client is being installed in the computer after purchase thereof, but later on management of anti-virus version is being forgotten.
From the viewpoint of security and management, it is as important to make sure that the anti-virus software used in the computers is standardized – to avoid installed (frequently – arbitrarily installed) solutions of various producers.
Software unsupported by producer
Talking about versions of operating system, such as Windows XP and Windows Server 2003, it can be frequently heard that Microsoft has quit the extended product support, which means that the producer has quit to issue new security “patches” for these operating systems. In practice, it means that villains have advantages to find new weak points of the system, which would not be eliminated by the producer in the future by updates, thus, these weak points would be used for malicious actions or attacks.
However, reality shows that there are a lot of companies out there, which are still using some of these operating systems for the provision of crucial business processes or work using outdated software, which is not supported by the latest versions of operating systems, or these old systems are being used for some other intentions known only to the company.
Thus, such computers may turn out to be a potential security threat, therefore, it is necessary to gather information about all computers with unsupported software, to plan update to newer versions of operating systems or, in case of crucial systems – to increase control and provide tighter monitoring of system operation.
Situation is similar with outdated products of other producers, when a producer has stopped issue of security updates. Unfortunately, there is no “magic” way of automated finding and identification of software, which has become unsupported by the producer, because frequently stopping of support may be very specific for individual software producers and products – issue of updates may be stopped for products, which are older than a specific issue, for example, like version 2007 of Office. IT specialist, who works with matters related to software management, must be able to identify such software to reduce security risk, which may be caused by use of unsupported software. Automated software management tools frequently offer functionality, which helps in finding release date of the software by using special software catalogues, thus facilitating identification of risky and outdated software.
Due to the fact that local servers and data centres can be found in nearly every company, it is important to provide full protection of servers. Security and functional updates may be included among the server maintenance works to be performed on regular basis to prevent the possible security risks. Specialists of IT and data centres are frequently interested to find out information about the update versions used on Windows and Linux servers, and whether all servers are being used with the latest patches. Although, usually collection and centralized recording of such information is rather manual work to do, software asset management tools can help in finding servers containing specific information on the latest update (name or sequence number).
Correct choice and use of software and choice of adequate strategy plays very important role both from the viewpoint of security, and management. In order to secure or at least reduce data security risks in today’s dynamic environment, we have to be flexible and look forward. Introduction and support of the role of software asset management may provide several benefits and better control over the current IT environment, as well as reduce security, technological and financial risks.
Team of SQUALIO experts can help you to assess the level of software asset management in your company, to prevent potential risks and select the most suitable tool for your IT economy.