"As we launch into the holiday shopping season, employees will inadvertently expose their company PCs and laptops to potential security threats," Gladstein noted. "It's critical that IT professionals proactively protect their endpoints by stopping unknown software from ever executing."
For example, Gladstein observed that employees are very likely to have vulnerable applications running on their systems, which are easily exploited by the latest attacks. He recently authored a research brief on the top popular vulnerable applications for 2007.
Fortunately there are easy and efficient methods that will help IT professionals guard against these online threats. Gladstein advises a simple five-step approach, including:
1) Define an appropriate application control policy
This policy should answer questions such as: What applications will we authorize users to install and/or run on their own? What software will not be authorized? Are unknown files that could potentially be malware, such as Grinch.exe, authorized to run in our environment?
2) Monitor your PCs
Not sure what's being copied onto the computers you manage? Use a software identification service to understand the true nature of that software. Free services such as FileAdvisor (http://fileadvisor.bit9.com) let you look up and identify unknown files like Grinch.exe.
3) Understand where the vulnerable applications are in your network.
A complete picture of where the vulnerabilities are on your network is required to ensure you are addressing them. After all, if you do not know a user is running a vulnerable application and they connect their laptop to a public wi-fi spot, you risk a possible intrusion and / or loss of data on that computer.
4) Be aware of new vulnerabilities
Stay on top of new vulnerabilities by visiting resources such as the National Vulnerability Database (http://nvd.nist.gov), the SANS Institute (http://www.sans.org), and the U.S. Computer Emergency Readiness Team (http://www.us-cert.gov).
5) Stop unwanted software before it executes
Consider using application control and device control products such as Bit9 Parity to help you control what applications and devices can and can not operate. Stopping unwanted software before it can execute will always be your best defense in protecting desktops, laptops, and servers from malware, spyware, zero-day attacks, and any unknown, unwanted, or unauthorized software.
"The bottom line is that you can't be careful enough," Gladstein summarized. "We recommend everyone implement application controls to ensure that unknown, unauthorized, or unwanted software that is downloaded, either on purpose or inadvertently, never gets a chance to run."
-------
Bit9, Inc. is the leading provider of application control and device control solutions. The company's award-winning, patent-pending whitelisting technology prevents malicious software and data leakage by centrally controlling which applications and devices can and cannot operate.
