The proliferation of devices and software has inevitably caused enterprises to serve as a home for a number of unsupported and unauthorized software. These software might bring a lot of security risks such as information disclosure, malicious code injection, unauthorized access that damages the organization's security and reputation. Take a brief look at the impacts of such software to your network.
End of life software are rampant in enterprises due to lack of visibility and poor management. The consequences of running an end of life software outweighs its benefits. End of life OS and applications will not receive security updates from vendors to patch critical vulnerabilities, which makes them extremely vulnerable to exploits. Moreover, Legacy OSes can't run latest applications and they'll be stuck with legacy applications which will soon become end of life too, thus widening the attack surface. Also, businesses in regulated industries may also face significant fines for running out-of-date systems.
P2P(Peer to Peer) applications such as Overnet, Morpheus, SoMud, GigaTribe allows a user to share and receive files over the internet. Files shared through Peer to Peer applications may be a pirated software, or copyrighted material which might land you in trouble for being involved in illegal actions. Also, the reliability of files shared through peer to peer software can't be verified which gives an attacker a leeway to transmit malicious code along with the file you download. Users might be unaware of what folders they are sharing which might allow unauthorized access to sensitive information stored in their computers. Some peer to peer applications may ask you to open certain ports on your firewall to transmit the files. This might allow an attacker to exploit the loopholes associated with the port or take advantage of any vulnerabilities that may exist in the peer to peer application.
IT employees often use remote desktop sharing software to facilitate remote access and management of remote server, virtual desktops, terminal servers, and applications over internet for the ease of operation. It's true that a remote desktop sharing software improves productivity, but it also increases the attack surface leaving an attacker to gain control over business critical assets once he finds a way to exploit the computer which is used to access them remotely. Also, if the remote desktop sharing sessions are not encrypted, it might increase the possibility of a Man-in-the-middle (MitM) attack.
The above cited reasons explains the importance of auditing such high risk software that may be installed in network systems without the administrator's knowledge. With Vulnerability Manager Plus at your disposal, you can