Generation Tech: Gifted but a long way from bad
by Paul Kenyon - COO, Avecto - Monday, 19 November 2012.
They have been described as technology’s Generation Y or Generation Tech: an undisciplined, impulsive, entitled horde of twenty-something workers, seen as one of the biggest security challenges ever to hit corporate networks.

Having grown up in an age of lurching software advances, ubiquitous communication and social networking, this is not a group easily dissuaded from using any and every application by the old reasoning that software can be a ‘bit risky.’ The same applies to their attitude to BYOD, a trend driven by the basic social reality that workers of all age groups now depend on personal devices such as smartphones and tablets and won’t take happily to the idea of being asked to leave them at home.

If the ‘Generation Y’ label sounds a bit glib, there is a small but growing body of evidence that a worker’s age does play some role in shaping attitudes to technology. A recent survey by Avecto of 1,500 IT admins visiting the TechEd US and European conferences found that workers between the ages of 20 and 35 (the Gen Y demographic) were seen by 80 percent of professionals as posing a formidable obstacle to application security.

Why? The tendency of this group to download unauthorised apps was the first big concern, with nearly forty percent of admins reporting having experienced a malware incident because of this behaviour. Three quarters of admins weren’t even sure how many unauthorised applications had been downloaded, which renders the issue of the damage caused almost moot.

Enough already

It’s not necessarily that older workers don’t participate in risky behaviour as well, but that Generation Y is perhaps more active and confident in finding applications for themselves and utterly convinced of their right and need to have them. The survey implied that many admins try to cope with this by ‘flying blind’; that is, they look to manage assertive users using manual procedures based on assumptions and trust. Without tools they have no obvious alternative.

Because Windows applications often demand privileges when installing or updating quite basic applications and add-ons, the easiest if most extreme response is to either fully enable or completely block such privileges. Some incorrectly assume that only esoteric apps still ask for admin rights but this is far from the truth. Here are a few common examples that will ask for privilege elevation:
  • Java
  • Flash Installer/Updater
  • Apple iTunes
  • Google Chrome
  • Firefox
  • Adobe Acrobat Updater
  • Skype
  • Blackberry Desktop Manager
  • Citrix GoToMeeting
  • Cisco WebEx
  • HP Universal Printer Driver
  • VLC Media Player
  • Adobe AIR.
To this should be added countless examples of legacy and bespoke applications. Blocking or enabling offers certainty but is counter-productive; enabling privileges allows dangerous applications to run at will while removing them stops legitimate and even necessary ones from running at all.

The common solution to this software checkmate, available since Windows Vista and Windows 7, is to allow privilege escalation on demand through User Account Control (UAC), but this too comes at a price: admins are bombarded with requests for passwords to elevate application privileges without the visibility to know whether a specific request is justified. Generation Y, meanwhile, is frustrated at even having to ask.

Windows 7

Migration to Windows 7 has turned out to be the important moment where organisations reassessed hardened assumptions about the way employees use and access applications, and a growing number have concluded that the rational response is to invest in least privilege management. With this design, users can request application admin privileges on a case-by-case basis after authenticating themselves in a way that offers audited admin oversight.
