Portable Applications: Any Risks?
Portable applications might not be in all headlines today, but they are still in use and deserve our attention.
Portable apps are programs that do not require installation on your machine to be used. Portable applications can be stored on removable devices – such as USB drives, CDs and external HDDs – or can be downloaded from the Internet. They do not need configuration and are not present in the Add/Remove Programs, and as such portables do not leave footprint on the machine they are run on.
As on-premises and cloud applications, portable apps can be Shadow IT, i.e. software the IT department knows nothing about. As it’s easy for portable apps to stay unnoticeable – they can be run without System Administrator rights even in locked-down systems bypassing restrictions – portable apps can turn out to be viruses, malware and spyware. Therefore, violation of security, in particular information security, is the biggest threat portable applications pose. One should be cautious of what applications their employees download from the Internet – they often download piratware, which may be infected with viruses. For instance, key generators are typical examples of virus droppers. Portable applications can access data of the organization, thus creating vulnerabilities in the organization’s system. Taking into account the popularity of the cloud, the threat becomes even more serious as stolen data can be uploaded directly to the net. Auditing applications often fail to detect portable apps. That is why it is difficult to investigate cases connected with such applications.
Such vulnerabilities need management that Binadox is able to provide for companies and organizations to take control of their systems. The Binadox Software License Compliance and Management Solution monitors each organization’s machines and collects all the information about the machine and its software assets, including portable applications. The Binadox End Point monitor sends to the Server the following collected information about portable applications:
- Detection time when the end point monitor detected an application
- File creation time when a portable application executable file was created
- Computer on which a portable app was used and detected by the Binadox end point monitor
- Zone where a portable app was obtained from, such as “Local machine”, “Intranet”, “Trusted”, “Internet”, and “Untrusted”.
The last three types of zone directly indicate the level of potential. The trusted zone describes web-sites that are considered more trustworthy than others; the Internet zone designates web-sites that are not included into the trusted zone; and the untrusted zone i used to label web-sites that contain content that can cause problems if downloaded.
Such information collected by the Binadox Solution allows you to see what portables your employees use and which of them pose threat to your security and require taking measures.