How to improve your IT security with SAM

The situation

When it comes to unexpected costs in the world of software, most software asset managers are focusing on one single risk: Incompliance due to unlicensed/misused software. And it is indeed true that globally, incorrectly licensed software costs organizations billions of dollars every year – totally unbudgeted.

But it is in fact not the biggest risk from a business cost perspective. What should also be recognized as an enormous risk is a security breach. According to various sources (listed below), cyberattacks costs organizations over half a trillion USD each year, and every successful cyberattack produces an average cost of over ten million USD.

Now, many of you may scream out: “But you said unexpected costs in the world of software – security breaches are related to network security, firewalls, anti-virus and data security polices! – Which is conventionally unrelated”

All of this is true, but there is a crossover factor which is a huge security risk that many companies fail to acknowledge: Unauthorized applications/ End-Of-Life (EOL) software.

In general, there is a reported malware attack every 7 minutes. For high-risk organizations, such as banks, that timeframe is changed from minutes to seconds.  In fact, new pieces of detected Ransomware alone increased by 36% from 2014 to 2015, and the numbers have been continually increasing at the same pace since then.

A big factor to this increase, is software installed directly by the end users. In practice, 26% of employees have admitted installing personal/non-approved software on their work computers. Software that might not be malware, per se, may contain security vulnerabilities in its code that could work as a Trojan for more unwanted software.

The second part of software as a potential security breach is software that has reached its End-Of-Life (EOL). Conventionally, all software reaches a point where it is no longer supported, updated or patched. When this happens, it can be a highway for hackers straight into the deepest part of your protected network. An anti-virus or a firewall may never alert you to the fact that the software you have installed (published by highly respected software vendors) is no longer subject to security updates/patches, and therefore, just like unauthorized software in the example above, could act like a Trojan horse in your internal network, presenting a potential threat for your whole IT environment.


The role of SAM software

So, what is the SAM tool’s role in all of this? Even though unauthorized/unsupported software can be hazardous for the internal IT-network, traditional SAM software vendors have pushed most of the responsibility to the organization’s anti-virus and firewall solutions. But anti-virus programs will only detect malware, such as viruses or infected software in the environment. It will not recognize potential security threats in sanctioned and authorized software.


Xensam Security Center

Our security facility focuses on what traditional security solutions will most likely overlook. Xensam Xupervisor contains a “Manage” section consisting of multiple sub-menus, which are presented both in a dashboard and a list view.

The first section is the malware list. This view shows all the malware that Xensam has detected but the current anti-virus solution may have missed, or malware identified on machines where anti-virus is inactive/uninstalled for whatever reason. The Xearch agent automatically checks all inventoried data against our special malware database in our global Xource Application database. The malware database alone contains millions of unique malware definitions, which makes it by far the biggest malware database in the SAM arena.

The second section is the “Reached EOL” list. Here you can see all software in your organization that has reached its end of life and therefore, will no longer receive security updates and patches. You can also see when it reached its EOL and therefore make a quick risk assumption based on its last update/patch.

The third section presents all software that might be a GDPR risk, which means that it can store and/or handle user data. Computers with GDPR risk are of course extra sensitive in the case of a security breach.

The fourth and fifth sections contains Blacklisted and License Free applications. These applications, just like EOL software, can present security vulnerabilities that authorized/purchased software often negates with security patches.

The two last sections are more focused on the hardware side of security. Firstly, there is a list of a computers that are currently missing anti-virus and could be more vulnerable to attacks. The final section contains a list of all computers that are missing BitLocker encryption on their disks, which might be something that contravenes data polices at your organization.

All of these instantly useful features are available in Xensam’s new Security Center, which is a standard inclusion in Xupervisor. Of course, there is a caveat that whilst this product is powerful, it should not be viewed as a replacement of current security solutions – rather a complementary facility to identify potential security breaches that a current security setup may fail to uncover.

Software license compliance is a vital part of Software Asset Management, but to really reap the benefits of a good SAM program, security – through management of software with potential security vulnerabilities, also needs to be included in daily Software Asset Management operations.

Contact us now for a full demonstration or to learn more.


McAfee Labs Threat Report, 2017

Seizing Opportunity Through License Compliance, BSA GLOBAL SOFTWARE SURVEY, 2016

Internet Security Threat Report, Volume 21, Symantec, 2016

Fighting Cybercrime with Actionable Insights, IBM Corporation, 2014