Kaspersky Lab raises red flag on app controls
Cyber-sec specialist says 57% of firms fail to control apps
Security specialist Kaspersky Lab today claimed that 57% of companies do not use any specific tools for application control, citing a survey conducted in collaboration with B2B International in November, 2012.
"Restricting the launch of third-party applications enhances the security of corporate workstations and increases employee efficiency," Kaspersky Lab said in an emailed statement.
Among the many methods employed by cyber intruders, disguising malware as a popular application is argued by many IT security companies, including Kaspersky Lab, to be one of the least guarded against.
When an employee tries to run an application, an infrastructure can be compromised if malware is hiding behind the software. To prevent such incidents, Kaspersky Lab insists that companies need to develop and enforce security policies specifically addressing the installation and launch of applications; but not all are doing so. According to the survey, the majority of companies have no means of controlling applications and 17% of companies have no interest in using new application control technologies or may not even be aware of them.
Kaspersky Lab said that a similar state of play exists when it comes to connecting external devices and data carriers: only 44% of companies pay enough attention to this issue and deploy device control tools, while 17% of companies are not aware of device control tools or have no interest in using them. Meanwhile, malware distributed through USB carriers represents a continuous threat: in 2012 alone, Kaspersky Lab claimed its own security solutions prevented more than 3bn local infection attempts. Moreover, giving employees total freedom to connect any external device to the corporate network increases the probability of data leakage, Kaspersky Lab said.