fbpx
 

SANS 20 Critical IT Security Controls #2: Inventory all Software

Most companies do a pretty good job of keeping an inventory of all their hardware such as servers, work stations, laptops and PD As. However, companies don’t usually put the same type of effort into tracking software that’s installed on their systems. Of course, there are many strong reasons for this, including the fact that it’s not easy to keep update with all the different types of software you need to use today. Hackers are always looking for vulnerable software they can exploit. Especially dangerous are the when users go to entrusted web sites, where they could unwittingly download malicious software that could acts as a Trojan software, setting up a backdoor program that can exploit your entire environment.

To keep your IT systems really secure, keep an up-to-date inventory of all your software, including desktop software as well as business software such as those that deal with ERP, for example. You must list all the authorized software that’s supposed to be installed on each server, work station and laptop owned by your company. For most medium and large companies, a software inventory tool is very useful. The tool will tract and record the type of software as well as its version and patch levels. Thus, you’ll have true picture of how up-to-date you’re with patching and upgrading software across your organization.

Automated software tracking tools also check for and proactively monitor the installation of unauthorized software. Mind you, this software might be actually useful to your company and is usually installed by a well meaning employee. However, if it’s not an approved installation, the tracking software will flag it. You can also created white lists that let a system run only approved applications and keep all other applications from running.

Leave a Comment

Your email address will not be published. Required fields are marked *

*
*