IT security and control firm Sophos has announced that the
application control feature of Sophos Endpoint Security and Control
has been extended to give businesses the option to block remote
connection tools, that enable employees to access remote-based PCs
or laptops from any other computer via the internet.
Remote connection tools represent a loophole in many businesses'
computer usage policies. Enabling office-based staff to remotely
access home computers while at work, allows them to visit any
website - including those that are banned by the company.
Similarly, connecting to work PCs from remote locations raises
security concerns for IT departments, which cannot verify whether
it is an employee who has connected to the network or if a hacker
has taken over the machine and is trying to access confidential
corporate data.
They also present a security risk as they allow the easy
transfer of data or files between corporate and non-corporate
computers and provide a backdoor for hackers to gain access to
company resources. In a recent Sophos poll, 80 percent of systems
administrators indicated that they considered remote connection
tools a threat to corporate security. With some users installing
pirated software or games on home PCs, administrators need to avoid
unwanted applications finding their way onto the business
network.
Survey results
Do you think that workers remotely connecting to
their home PCs from the office pose a security risk?
|
| Yes |
|
|
| No |
|
|
Sophos online survey, 200 respondents, August
2007.
"While remote connection tools can certainly make life easier
for those employees who need to work from the office, from home and
whilst on the road, their use can be a security nightmare for
systems administrators," said John Stringer, product manager at
Sophos. "If home PCs aren't properly protected, they can help
malware and hackers break into the corporate network. We're also
seeing more and more firms banning productivity-sapping sites like
Facebook and eBay, but the use of these tools means that staff can
easily circumnavigate corporate rules. With Sophos's latest
application control features, employees no longer call the tune,
and systems administrators can recapture control of the corporate
network."
Sophos's application control functionality has proven very
popular since its launch in September 2006, and is regularly
updated in order to meet concerns resulting from uncontrolled and
unauthorised use of applications in the enterprise. It is fully
integrated into Sophos Endpoint Security and Control, requiring no
further rollout of new software. It now gives companies the power
to selectively block remote connection tools, games, VoIP,
peer-to-peer (P2P), Instant Messaging (IM) and distributed
computing applications. It is available free-of-charge to all
customers.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.