Greynet is a term for user-installed software. Unlike blackware (pirated or unlicensed software), greynet software isn’t necessarily illegal, but it can still be some of the most dangerous stuff on your system.
There are three major problems with greynet:
- It uses resources.
- It can tear large, gaping holes in your security fabric.
- Unlicensed software on your system can expose you to legal liability, no matter who installed it.
The biggest problem with greynet is probably the most prolific source of security breaches in corporate America today: Applications such as peer-to-peer file sharing are notorious hideouts for rootkits, spyware, keystroke loggers, and other nasties.
The legal exposure can be severe as well. Enterprises are assumed to have control over the software on their systems, especially if it has been installed by their employees. A lot of greynet software, even productivity applications, isn’t licensed. And even if the stuff on your system is licensed, you’re going to have a tough time proving it on short notice.
A lot of greynet is stuff that shouldn’t be on the organization’s system in the first place—things like MP3 downloads and file-sharing programs. Some greynet programs can be controlled by setting policies to keep certain kinds of files off the users’ desktops. But other greynet programs aren’t that easy to spot.
The complicating factor about greynet is that not all of it is for personal use. A lot of users, especially the more sophisticated ones, have favorite applications, utilities, plug-ins, and other items that aren’t on the administrator’s list of approved software. Sometimes this stuff is actually necessary for the user to do his or her job. Sometimes it’s just something that he or she prefers. If you cut your spreadsheet teeth on WordPerfect’s Quattro Pro, you may want to continue using it even if the official office standard is Microsoft Excel, simply because Quattro Pro is easier for you.
This situation requires a certain amount of sensitivity from administrators. While some stuff, like the MP3 files, can be banned for most users, not everything falls into that category. Sometimes you need to find out what your users are doing with the stuff on their desktops before you disable it.
The key to controlling greynet is knowing that it’s there in the first place. Using the inventory feature in a DTMS, it’s easy to spot unapproved programs when they pop up on the users’ desktops.
The key here is communication. That means communication from the top down, with a clear policy on unauthorized software and communication from the bottom up by finding out what unauthorized software users have and why.