A few days ago a company called Websense, Inc. (NASDAQ:WBSN) announced the results of the company’s seventh annual IT Decision-Maker Web@Work study.
Some of the threats they explored:
Spyware – Hacker software that runs undetected on a PC and is usually designed to monitor and report back any data the criminal thinks will be to his advantage.
Keyloggers – Spyware that has the ability to record keystrokes and screen shots.
Bots – (short for robot) – Software unknowingly installed on an end-user’s PC and can communicate with other computers on the outside of the company.
Viruses – Malicious software that can frequently lay dormant on a PC’s hard disk and, once activated, interferes with the system’s desired operation.
Survey Results
In 2006 almost one in five companies discovered they had been attacked by a hacking tool or a keylogger that had been launched by one of their employees. Keyloggers are probably the most dangerous type of spyware because stolen keystrokes and screen shots are used by hackers to steal passwords and confidential information, which can then be used to provide full access to corporate systems and files.
An up-and-coming threat that showed up for the first time in the 2006 survey was the “bot”. These nefarious little programs attempt to run undetected and pass back information to an offsite computer. But the bot can just as easily be used for launching distributed Denial of Service attacks, acting as a spam proxy, and hosting malicious content and phishing exploits.
One of the most interesting pieces of data in this report was that 19 percent of IT decision-makers indicated that they have had employees’ work-owned computers or laptops infected with a bot, and as these little pests become more advanced and prevalent that number will surely grow.
When looking at general spyware, the number is staggering – 92 percent of IT decision-makers surveyed estimated that their organization has been infected by spyware at some point.
When asked which security breaches could potentially put their job at risk, the top two responses were system downtime due to viruses (50 percent) and lost or stolen intellectual property (44 percent).
Intellectual Property Theft
40 percent of IT decision-makers are extremely concerned about the chance that some of their proprietary information could be stolen. In many cases trade secrets, production capabilities, manufacturing methods, etc. are all that give one company an advantage over its competition. And for some companies the theft of data is truly a mater of National Security. One of the largest US nuclear weapons testing facility uses ACP’s Thin Client technology and is vitally concerned with data security – so much so that if you try to leave the facility with your personal laptop they will physically remove the hard drive and drill holes in it!
How Do Thin Clients Help?
Take a look at some of the inherent advantages of ACP’s Thin Client technology that are available to all clients running under our ThinManager software:
- Users cannot add viruses through the Thin Client
- No data is every compromised or lost if a ThinManager Ready Thin Client is stolen or destroyed
- There is no virus that runs on our proprietary Thin Client Operating System (TOPS)
- User access is completely controlled by the ThinManager software
- Users can be delivered just the application with no underlying Windows desktop
- Keyboard key combinations can be completely blocked from even being sent to the Windows server
- Client access can be limited by time of day and location
- User access can be blocked depending on ID, configuration, even biometric authentication
ACP’s Thin Clients – the “Securest of the Secure”
I came across a press release from a major office grade Thin Client manufacturer where they were bragging about their new security features. While we agree that security is vital what I found interesting is that their security enhancements are, by our standard, very limited.
This company is not talking about adding greater control of user authentication or better access to applications. What they are referring to is protecting their own Thin Clients from viruses. In effect they are admitting to the fact that their clients, based on embedded XP, are a potential target for viruses – and through them the entire networked environment. Because their client operating systems are built on the same technology as terminal server operating systems there exists the possibility that a client infection could be passed on to other clients and terminal servers.
In contrast, ThinManager Ready Thin Clients run a proprietary operating system; there are simply no viruses targeting ThinManager Ready Thin Clients. If a virus ever were designed to break into our clients it is impossible that it could then be passed on and infect a Windows machine. Basically, what we are saying is that you don’t need to install anti-virus software on ThinManager Ready Thin Clients. That would just be a waste of CPU cycles.