In their efforts to keep malware off their networks, some IT and security pros restrict end-users' rights to install apps on company machines, and the majority restrict the individual applications that are allowed on the network, a survey says.
Companies are essentially split on whether to allow users to install applications -- 51 percent yes, 49 percent no, according to a survey of 765 professionals by security vendor Bit9.
Seventy-four percent of the businesses polled allow only software from a list approved by the business, and 23 percent allow only software that is actually deployed by the business.
About half allow administrative rights to fewer than 20 percent of their users, and just 11 percent allow such rights to all users. Seven percent allow administrative rights to no users.
While restricting administrative rights is the most popular method of controlling or preventing unauthorized software, that's not the only method. Written policy guidelines that they trust employees to honor are used by half the respondents, according to the survey.
Of those who responded, 45 percent said they've found digital music software on work machines, 44 percent have social media software and 43 percent have instant messaging. Spyware was found by 36 percent of respondents and 32 percent said they found viruses and other malware on corporate machines.
When presented with four choices of attacks and asked which ones they fear, 60 percent said those that exploit zero-day attacks that leads to stealing intellectual property. Fewer were concerned about employees stealing and publishing company data (28 percent), a vendor being hacked and compromising company email (26 percent) and customer data being stolen because a cloud security application has been hacked (25 percent).
About a third of respondents say they don't let employees use their own mobile devices for work. 41 percent do allow them but only on isolated public networks. 27 percent allow these devices to connect to the corporate intranet, the survey says.
Just 19 percent say that network crashes have been traced to use of "unusual" software.