• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 706
  • Last Modified:

Portable firefox or portable apps

Please give me your input and opinion on the risk involved with allowing portable apps or portable firefox on a corporate network. I found someone that is using the portable firefox program on a usb device. We have a policy in the handbook that addresses the use of portable devices, to include the proper usage of usb drives.
0
jhhaley
Asked:
jhhaley
  • 2
2 Solutions
 
OkigireCommented:
Portable firefox itself probably isn't too bad, but there are possibilities that there are security holes.  In general, anything can pose serious security risks.  Depending on the sensitivity of the information, people can "bring it home" completely unencrypted and available to prying eyes.  Other applications- say Internet Explorer, for example -has many security holes.  If a program they're using is, or contains a virus then the network is in trouble.

A recent experiment - a security consulting firm filled USB drives with random pictures and files... of course they hid a trojan in there.  They left these in common areas, and people picked them up and plugged them into their machine and all ran the program.  INFECTED!  Now, granted this is an extreme case - it is completely realistic for somebody to "accidentily" bring in a virus or transfer data or run programs that could conflict or "break" something on the network.
0
 
TolomirAdministratorCommented:
Well the portable version of firefox, grants a certain level of privacy. Like any other portable application.

As long as you grant internet access to employees, seeing an USB drive as particular security leak is a bit overreacting.

I'm using gmail to store sql scripts such like as some kind of notebook (safe them as drafts) I even store always needed programs right there.
So if I'd like to steal information I would use gmail, not an usb stick ;-)

I think, it might be a good idea to offer security tested applications for the employees so they can be sure their portable applications like firefox is clean.  

Of cause if you just want to knock down all such stuff, one answer: http://www.gfi.com/endpointsecurity/

Tolomir
0
 
OkigireCommented:
I think both your (Tolomir) and my (Okigire) opinions are very valid, and show two perspectives.  Depending on the environment, security could be an issue including Firefox, but may well not be.  Since the author gave no feedback, I think both are worthy answers and a point split would be appropriate.
0

Featured Post

[Webinar] Kill tickets & tabs using PowerShell

Are you tired of cycling through the same browser tabs everyday to close the same repetitive tickets? In this webinar JumpCloud will show how you can leverage RESTful APIs to build your own PowerShell modules to kill tickets & tabs using the PowerShell command Invoke-RestMethod.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now