Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Freeware and beta software blocking for VMware

Sophos : 22 October, 2008  (New Product)
Endpoint Security and Control from Sophos now features ability to block application downloads in virtual environments
IT security and control firm Sophos has announced that the application control feature of Sophos Endpoint Security and Control has been extended to give businesses the option to block Virtualisation applications, including free desktop and data centre products from VMware, as well as tools from DosBox and Microsoft's Virtual PC 2007. The growing popularity of Virtualisation tools and the ease with which they can be downloaded means that there is a much greater risk of end-users creating a virtual environment in which to run unauthorised applications, from games to browsers to beta software.

While Virtualisation can represent real value at this time of increasingly constrained IT budgets, Sophos notes that IT administrators must prioritise management of these virtual desktops, as unmanaged virtual computers can open holes in an organisation's security system. However, a recent Sophos poll* has revealed that more than half of all businesses do not know how many employees are running Virtualisation software on their computers.

"Virtualisation tools represent a black hole in many organisations' IT security - if staff are allowed to download these tools and create environments that are completely hidden from IT administrators, it's impossible to defend them against cyber attacks," said Richard Jacobs, chief technology officer at Sophos. "While employees may simply be trying to get round a ban on social networking or using instant messaging at work, doing so in this way poses a real threat. In fact, uncontrolled and unmanaged virtual computers could lead to potentially disastrous consequences, including corporate identity theft, financial losses and embarrassing headlines."

Sophos notes that as more and more employees have considerable IT knowledge, it is vital that businesses have complete visibility of the corporate network. This is especially important given the growth in the number of free Virtualisation tools on the market - while employees may be downloading them with no malicious intent, the ability to run whatever they choose on their virtual desktop means that the company may be facing cyber risks unbeknown to anyone in the organisation. For example, an unauthorised virtual browser may not be up to date with security patches giving hackers a potential vector of attack, or the user may be running unprotected peer-to-peer (P2P) programs virtually.

To overcome this, Sophos recommends that companies ensure that employees are not only aware of the firm's acceptable usage policy, but that IT staff also have visibility into which applications staff are downloading and using. By effectively managing and securing the virtual environment, businesses can enjoy the benefits of Virtualisation without the associated risks.

"By enabling organisations to reduce the amount of hardware they need, Virtualisation can offer real cost-saving benefits - especially important in the public sector," said Antony Barke, senior technical engineer at Basildon and Thurrock University Hospitals NHS Foundation Trust, a Sophos customer. "However, it's essential to secure the virtual environment, just as you would the rest of the corporate network - the same threats exist and this shouldn't be overlooked. With the right security measures, virtual machines are a real asset to the network, rather than a potential liability."

Sophos's application control functionality has proved very popular since its launch in September 2006, and is regularly updated in order to meet concerns resulting from unauthorised use of applications in the enterprise. It is fully integrated into Endpoint Security and Control, requiring no further rollout of new software. It now gives companies the ability to selectively block Virtualisation tools, browsers, remote connection tools, games, VoIP, P2P, Instant Messaging (IM) and distributed computing applications. It is available free-of-charge to all customers.
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo