Digital Trust has always advised clients to restrict or forbid toolbar use in corporate environments and on personal computers. The insidious nature of software has led to several failures in security stemming from toolbar installation. Simply put, 1) your computing activities have value 2) useful appearing software can be a Trojan horse for insidious software gaining access to your machines.
Given the value of our privacy and the value of our data, it is only natural that evil forces will try to gain access to our systems. Further, given the nature of programming, it is only to be expected that even the best toolbar coders will make mistakes that compromise our expectation of privacy. Google, arguably the smartest tech company in existence, fell on its sword with their search toolbar when it was found that turning it off didn’t keep it from reporting back
to the mother ship.
And industry is seeing an uptick in corporate espionage, which means a single workstation on your network that installs a bad piece of code can result in catastrophic failure of your security measures. It is imperative that organizations begin whitelisting practices to restrict what can be run on corporate computers, and access controls to restrict who can communicate with the network.
It all has value to someone, and the more competition heats up, the more likely it is that your company will be targeted. A layered security implementation that properly addresses the risks and asset protection needs of your company is a requirement; to not pursue a measured, reasonable response begs being labeled as negligent, and failing your customers.
Digital Trust, can, of course, help with all of this, but more importantly, find someone you can work with to secure your corporate assets, and don’t neglect your personal home computers.
Evil people are hunting your data, sometimes more, sometimes less, depending on what you do, but they’re out there. If for no other reason, your computing assets have value as a platform from which to launch attacks against a target of value. So protect yourself. It’s much more enjoyable to have a security professional tell you about an exposure than it is to talk through the incident with the FBI. Do your risk assessments. Be secure.
Digital Trust, LLC
This blog and it’s contents copyright 2010 Digital Trust, LLC. Republication of this post is permitted provided it is strictly on internal corporate messaging systems; no public re-use is permitted without licensing. Any republication or reuse is forbidden if the Digital Trust name is removed.