There are thousands of tools available online that could aid your employee’s productivity and development. But what are the risks of allowing these unauthorised programs onto your network? The truth is you don’t really know until they’re installed. So ask yourself the following questions before authorising the installation of any third party software…
1. Have you checked the Exploit database and CVE dictionary to check if any vulnerabilities are recorded?
2. Could the code be tested for security flaws before it’s installed onto your network
3. Are the plug ins publically accessible?
4. What resources do you have in place if vulnerabilities are found?
5. What’s the worst case scenario? Could your network be taken offline? Could sensitive information be stolen?
The best advice is to only get to the stage of asking these questions if the software will have a significant improvement on the task in hand. If not then don’t take the risk.