In the last decade, cybercrime has industrialised. From phishing, to malware on mission critical systems, cyber attacks and security breaches are becoming more commonplace.
What’s telling is the time it takes to spot and address a security breach, with recent figures stating as many as 146 days. Companies are beginning to implement ‘detect and respond’ protocols, aided by real time monitoring. But many can also close their vulnerable loopholes by gaining a better understanding of their own software.
Microsoft officially ended support for its wildly popular Windows XP in April 2014. And yet, nearly two years on, 7.6 per cent of all PCs are still running on that operating system. A recent Verizon security report points out that hackers were able to access the computer systems of a water treatment plant, affecting the critical treatment process. Verizon blamed the attack on the use of outdated operating systems, and the fact that the company’s IT network relied on a single IBM application server which was released in 1988.
The hackers not only gained access to millions of customer records, but also the power to disrupt a nation’s water supply. This demonstrates how imperative it is to establish a strong first line of defence. It’s been widely speculated that the water plant in question was running XP and coupled with the relative ease that the hackers cracked the 1980s server, the company didn’t have a full understanding of the software it relied upon to operate.
It sounds simple, but identifying unsupported software and having a full inventory of what’s running can reduce the security investigation time and put the brakes on hackers. Just as you wouldn’t buy a Ferrari and leave the keys in the ignition – CIOs need to have an effective Software Asset Management (SAM) solution in place to alert to opportunities that hackers can exploit in order get behind the wheel of expensive IT systems.
Software recognition is key to identify both outdated and blacklisted applications. Software can be blacklisted as they pose a threat to the organization through viruses, Trojans and spyware. A SAM solution is vital to identify rogue software, prompting reports across the network before blacklisted applications manifest into a security alert.
Cyber security is not a luxury. Companies of all sizes are preparing for when, not if, they will suffer a breach. Software Asset Management tools let businesses know where potential weaknesses are and have the capability to maintain and detect blacklisted software, serving as a highly valuable ‘check and balance’ against security policies.
Even the best security programme can be undone if IT administrators don’t have a firm understanding of where all of the company’s software assets reside, making SAM a vital tool in securing the network.
David Foxen, Software Asset Management Evangelist, Snow Software