The Risks of Unauthorized Software

The Risks of Unauthorized Software
Background
Threats
Consequences
Controls
- impact Malware
- loss of data on disk
- lanch an attack
- flood network for DOS
- send confidential information out to the Internet
- compromise the security of a machine
- Piracy
- Abuse of software licenses can result in financial penalties, legal costs, and damaged reputation. Additionally, administrative personnel of VBSD can be held individually liable, both criminally and civilly, for any copyright infringement that occurs within the district.
- When using unlicensed software, the district will not be eligible for technical support from the software publisher.
- Enforce that only approved software is installed on system computers
- some AV products
- Sanctuary and Bit9 Parity provide different policy options on how to deal with unauthorized software
- NetCensus
- NetCensus asset recognition software from Tally Systems. NetCensus, which runs at boot time, takes a complete inventory of the hardware and software on a PC, including software manufacturer, name, version, and serial number.
- he and his staff can delete unauthorized files from the network from a centralized location
- Regulate which mobile code can be downloaded
- ActiveX for example
- Lockdown a machine
- what does this mean exactly?
- The first step is to try and make sure employees can't install applications--this will solve a big portion of the problem
- can look up some eWP policies here
- Software management process
- MS solution
- Stop it at the source
- The second step is to realize that most of the unauthorized software and illegal software are downloaded from the Internet
- filtering, blocking at different layers
- threaten to log Internet download activities
- Businesses should have a centralized managed policy to manage traffic or files that are going in or out of the enterprise
- limit number of hours connected and at which time
21