The UK has the second-highest unlicensed software in Europe, totalling £1.3 billion. For software vendors, this is an opportunity to drive revenue using compliance frameworks. For businesses, this is both a security and commercial threat. The report also indicates that most companies do not know how much software their employees are installing on their network.
30% of the employees surveyed suggested that their employers do not fully know the software they are loading on a company’s networks. Businesses that are in such a situation expose themselves to three major risks:
It is a well-known and well-accepted fact that most malware comes from unlicensed software.
Unlicenced software will attract compliance audits from software vendors. Most software vendors use some type of mechanism to identify networks that have unlicensed versions of their software.
Both of the above can lead to some significant (unbudgeted) commercial outlay.
The two most cost-effective and high impact solutions to mitigate the above risks are:
1. Frequent and Efficient Employee Training
Almost all employee training is conducted in an isolated environment and does not have the right amount of seriousness associated with them. For some reason, employee training is seen as the second sister of nobody, and as a result, the training does not offer high impact gains on day-to-day tasks. One of the practical tips to deliver high impact training is to involve the higher management of your organisation (not just a presence or an email, proper involvement and participation).
2. Accurate network monitoring or asset discovery tool
A good asset discovery tool will discover assets on Active Directory Domains as well as IP Segments.
Contemporary asset discovery tools also understand the communication between routers, switches, applications, hosts, temporary servers and load balancers. In effect, a modern asset discovery tool can not only discover assets on your network but can also understand the communication between your assets.
As most of you may be aware, an asset discovery tool identifies and maintains a directory of active and inactive (IT) assets on your network. Analysing and identifying asset clusters, an asset discovery tool tightly manages and identifies your IT assets. By identifying clusters at an operating system level and software level, an asset discovery tool identifies the relationship between usage, device and network.
As a result, modern asset discovery tools empower organisations to advance their fault resolution, device management, configuration management and asset maintenance tasks.
Asset discovery tools provide the foundation to identify and maintain authorised as well as required assets on your network, allowing organisations to mitigate security, compliance and commercial outlay risks.
If you do not have a network discovery tool yet, you can shortlist and compare asset discovery tools here.