Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 220
  • Last Modified:

Freeware or 3rd party software in a Enterprise environment best practices

hello,

This is more of a process or policy question then a technical one.  I'm looking for anyone's best practice when approaching one off installs in an enterprise environment.  

For example, a end user of considerable status has requested we load freeware for work purposes.  He states that he has been using this program for a very long time and my biggest concern is (of course) security.  I have no problem loading vendor software we are a customer of and have a BAA with, since they are held accountable but these protections are not present in freeware or even 3rd party software (paid freeware version) a end user might request.  I'm not prepared to just say no to the end user without some feedback from others who have been confronted with challenges like these.  Does anyone have a good approach to the request for freeware or 3rd party software installs not affiliated with your organization?
0
jo80ge121
Asked:
jo80ge121
2 Solutions
 
Don S.Commented:
Even the best written policies get ignored if the user has enough pull and doesn't want to listen to anything you have to say.  Many organizations block freeware download sites to try to stop this sort of thing.  About the only angle that seems to be effective is the security angle and not wanting to be the next company in the news for having been attacked and breached and are now looking at millions of $$ to clear up the problem.  But, if you don't have a CIO or COO that is willing to stand behind you on this, you're not going to win the battle.  Try to give them a supportable alternative as a compromise.
0
 
ajeabCommented:
freeware doesn't alway mean free.  most useful software I found has a clause that prohibit  commercial used.   but some program do allow commercial or non-profit  use.  I did use faststone which doesn't allow commercial use but when contact author, he is allow non-profit use. so it's case by case.  it's best to eval the need and if that will allow user to do job better. I don't see why not.
0
 
rindiCommented:
Free software that is also OpenSource you should have no problem with. OpenSource is what mainly Linux relies on, and as the source code is freely available, problems are usually discovered and repaired faster than if you use closed source software. A lot of OpenSource software that runs on 'nix platforms has been ported to also run under Windows.

With other freeware I think you are right in being skeptical. There I think you should decide from case to case, by looking at the software's author and maybe getting in touch with him.
0
 
Gabriel CliftonCommented:
I think it really needs to be a case by case basis. All requested software must go through major testing for a few months. Remember, Linux can be put into that category and many IT pros trust that more than the paid for Windows.
0
 
jo80ge121Author Commented:
You all confirmed what I was already thinking.  Thanks all for solidifying my position on this.  Hopefully my CIO backs me up!
0

Featured Post

Receive 1:1 tech help

Solve your biggest tech problems alongside global tech experts with 1:1 help.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now