Editorial & Analysis
Popular
Technology Categories
- Security (291)
- Uncategorised (255)
- Desktop Virtualization (236)
- Business Continuity (225)
- Public/Private clouds (222)
- Applications (217)
- BYOD (197)
- Server Virtualization (192)
- Network Virtualization (187)
- Storage Virtualization (171)
- Big Data (161)
- Network Perfomance Management & Monitoring (155)
- Availability (153)
- Archiving & Back-Up (138)
- Consolidation (128)
- Wireless LAN (125)
- Systems Management (121)
- Performance Management (119)
- Network Capacity Planning & Management (117)
- Hosted solutions / applications (117)
- Software as a Service (SaaS) (113)
- Infrastructure as a Service (IaaS) (112)
- Network equipment, Repeaters, Hubs, Bridges, Switches, Routers (110)
- Governance, Risk & Compliance (106)
- Data Deduplication (104)
- Servers/Hardware (99)
- Mobile Security (96)
- Virtualization Security (91)
- Capacity Management (91)
- IP Convergence (89)
- Storage as a Service (86)
- Application Delivery Network (86)
- Storage Networking – IP storage,Infiniband & iSCSi (86)
- Disk Storage, Flash, SSD, Optical (85)
- Storage Area Networking (SAN) (84)
- Business Intelligence (82)
- Wireless Security (81)
- Automation (80)
- Unified Communications (78)
- Energy Efficiency (76)
- Enterprise Mobility Management (74)
- Mobile Device Management (73)
- Flexible & Smarter Working (71)
- Risk Management (71)
- Campus Networks (68)
- Recovery (65)
- Design & Build (64)
- Platform as a Service (PaaS) (63)
- Managed Security Services (61)
- Content Monitoring/Filtering (59)
- Risk Analysis (55)
- Identity & Network Access Control/Management (53)
- Managed Network Security Services (51)
- Managed Hosting (51)
- Business Impact Analysis (50)
- Email Archiving & Management (48)
- Smartphones/Tablets (48)
- Collaboration Tools/Applications (47)
- Storage Resource Management (SRM) (46)
- Enterprise Content & Document Management (46)
- Mobile Enterprise Applications (45)
- Network Attached Storage / NAS (43)
- IPv6 (42)
- Cabling (41)
- Mobile Platforms (41)
- Fibre Channel over Ethernet FCoE) (40)
- Penetration Testing/Risk & Vulnerability Assessment (38)
- Thin Provisioning (38)
- Information Lifecycle Management (ILM) (38)
- IP Telephony (37)
- Workflow & Process (37)
- Load Balancing (37)
- Forensics (35)
- Optical Networks (33)
- Regulation & legislation (31)
- E-Discovery (30)
- Unified Threat Management (30)
- VPN/SSL (30)
- Communications-Enabled Business Process (29)
- Power & Protection (29)
- Tape Storage (27)
- ISP's (26)
- Enterprise Search & retrieval (24)
- HPC (23)
- Collaborative Communications servers (Exchange etc) (22)
- Metropolitan Networks (22)
- Mesh Networks (21)
- Encryption/PKI/Digital Certificates (20)
- IP PBX (20)
- Field Services (18)
- Video/Web Conferencing (17)
- Audio Conferencing (16)
- Openflow/Software Defined Networking (15)
- Transparency (15)
- Fixed Mobile Convergence (14)
- Classification (14)
- Risk frameworks (12)
- Instant Messaging (12)
- Wireless Expense Management (11)
- SIP Trunking (10)
- Data Masking (9)
- Presence (7)
- Social Software (7)
- Data Erasure (6)
- BS25999 (5)
- HVAC (5)
Popular Categories
Unauthorised apps creating network risks
05 Sep 2012
New survey from Avecto reveals male employees between the ages of 20 and 35 most likely to demand elevated admin rights from IT.
While IT professionals recognise the dangers that unauthorised applications present to network security, most are allowing the threat to go unnoticed, according to a new survey from IT security company Avecto.
It questioned over 1,500 IT professionals attending TechEd North America 2012 in Orlando and TechEd Europe 2012 in Amsterdam, and found that more than one-third (39 percent) have reported a network infection as a result of an unauthorized application being downloaded on their network. In addition, the survey found that more than three-quarters (76 percent) said that they didn’t know how many unauthorised applications have been downloaded on their networks.
According to Avecto’s cofounder and chief operating officer Paul Kenyon, this disconnect suggests that organisations will continue to invite infection to their networks, if they provide excessive administrator rights to users, enabling them to download applications that contain malware.
“The answer is simple – don’t give admin rights out to everyone, only to a few key IT administrators who really need them. You will see an immediate decrease in security risk and associated downtime, as well as an increase in productivity from IT,” he said.
Four-fifths of those surveyed pinpointed male employees, between the ages of 20 and 35, as the most likely to demand elevated rights. “When considered in parallel with other trends blurring boundaries at work, such as BYOD, a troubling trend emerges, in which younger workers have potentially dangerous expectations regarding technology and the workplace,” says Avecto’s report.
These workers, says Kenyon, often come into the enterprise with the same expectations of access and availability that they are accustomed to outside of work. In many instances, he adds, they have the skills and experience to work around basic security protocols to get what they want. On top of this, many IT departments now elevate users to admin rights as a means to shortcut IT support for solving basic problems.
“Considering these factors, it’s more important than ever for organisations to have a solution in place that enables the quick and secure removal of admin rights from users and the ability to deploy policies that elevate all of the legitimate business applications that require privileged access using privilege management technology,” says Kenyon.
At IP EXPO 2012, there’ll be a host of presentations on the subject of IT security, including Richard Hibbert of SureCloud’s seminar, ‘A Practical Guide to IT Risk Assessment’ on Day One (Wednesday 17 October). On Day Two, Niklas Eklov of Splunk will advise attendees to ‘Think Like a Criminal’, in his guide to protecting IT systems against unknown threats.
