Firstly though, what exactly is a Greynet? The growth of the Internet has made it easy to access and download a huge variety of software. The types can be split into three classifications based on use and threat to data and network security:
1. Productivity applications: freeware applications, often from multinational software companies helping individuals to be more productive. Examples include: PDF viewers, non-standard web browsers, and multimedia players. Generally not a threat to network security but may cause support issues if not familiar to the helpdesk team
2. Non-standard hardware drivers: useful applications provided by the hardware manufacturers, such as software to connect with home wireless networks or iTunes to connect an iPod to a work computer. These can leave a computer vulnerable through open communication loopholes and may affect productivity
3. Lifestyle applications: What is perceived as a safe peer-to-peer file sharing application can open up the network to serious threats, both in terms of security and legal risk
4. Malicious applications: often unknowingly downloaded, these applications include key loggers, remote access and password cracking applications that can undermine existing security measures
At its least dangerous, the average Greynet is simply taking up resources, consuming disc space on local drives and within central storage systems. These Greynets reduce network performance and cost the company money. At their most dangerous, however, Greynets can attack systems or leak confidential data to third parties. These are often unwittingly downloaded by staff either from the Internet or when enabling plug-and-play devices such as cameras and MP3 players.
As more staff work away from the office, laptops and smartphones are becoming host to more Greynet applications. This blurring of the line between home and office computing is increasing the Greynet problem dramatically. It is essential the threat is minimised. Four key steps to achieve this are:
1. Recognise the threat
2. Gain visibility of all files on the network
3. Set up and maintain a watch list
4. Engender cultural change
Once aware of the scope of the Greynet issue, an IT manager will recognise the effect they are having on the network. Above and beyond the security holes that key loggers or password crackers present, many Greynets are indicative of reduced productivity. Games, gambling software and adult-related applications indicate that users could be spending an excessive amount of time not working.
Understanding how Greynets ‘in the wild’ relate to the files on the network is key. This can be incredibly difficult to achieve without outside help.
Ideally network managers need to combine full visibility of exactly what applications are resident on corporate PCs with immediate access to an up-to-date database of current threats. By comparing known Greynets against specific applications on the network, administrators are easily able to focus their efforts. This can be further aided by severity ranking each Greynet, a dangerous password-cracking tool can then be easily differentiated from a non-standard news reader.
Depending on the chosen solution, administrators can even be warned daily of new Greynets appearing on the network, helping them dynamically manage the software in use across the enterprise.
There is only one way to truly combat the Greynet, and that is to work closely with employees to change their habits. They are using the network everyday – keeping them informed of the dangers of downloading unknown software and working with them to ensure that music, photos and other sizeable personal files are not left lingering on the network will make the network safer and more reliable.
No one is going to appreciate a heavy-handed approach. The aim is to strike a balance between big brother and letting staff run free with the IT network, defining Greynets and including in a company’s acceptable usage policy. By being aware of the existence of these files and constantly monitoring those installed on the network, the IT team are able to contact individuals and advise that files will be deleted. By helping them, they will hopefully help you.
Howard Waterson, Asia Pacific Regional Manager at Centennial Software
When it comes to network security, there are no grey areas
By Staff Writers on Oct 8, 2007 12:22PM