In their efforts to keep malware off their networks, some IT and security pros restrict end users' rights to install apps on company machines, and the majority restrict the individual applications that are allowed on the network, a survey says.
Companies are essentially split on whether to allow users to install applications -- 51% yes, 49% no, according to a survey of 765 professionals by security vendor Bit9.
NEW THREAT: Scariest IPv6 attack scenarios
Seventy-four percent of the businesses polled allow only software from a list approved by the business, and 23% allow only software that is actually deployed by the business.
About half allow administrative rights to fewer than 20% of their users, and just 11% allow such rights to all users. Seven percent allow administrative rights to no users.
While restricting administrative rights is the most popular method of controlling or preventing unauthorized software, that's not the only method. Written policy guidelines that they trust employees to honor are used by half the respondents, according to the survey.
Of those who responded, 45% said they've found digital music software on work machines, 44% have social media software and 43% have instant messaging. Spyware was found by 36% of respondents and 32% said they found viruses and other malware on corporate machines.
When presented with four choices of attacks and asked which ones they fear, 60% said those that exploit zero-day attacks that leads to stealing intellectual property. Fewer were concerned about employees stealing and publishing company data (28%), a vendor being hacked and compromising company email (26%) and customer data being stolen because a cloud security application has been hacked (25%).
About a third of respondents say they don't let employees use their own mobile devices for work. 41% do allow them but only on isolated public networks. 27% allow these devices to connect to the corporate intranet, the survey says.
Just 19% say that network crashes have been traced to use of "unusual" software.