Feb 22, 2012

After an admin installed software that I know nothing about, what can I do to ensure it is secure?

Someone else with admin privileges installed free software that has never undergone a security analysis as far as I know, plus he entered it in the domain admin account. I can't prevent what has already been done, but I'm not at ease with this, but I have to be careful not to create "political" problems, since the person who did it is a step above me on the organizational chart. Any thoughts on what I can do to make sure the software is benign?

I can understand your conflict. It comes with the territory, I think, that people who are "over" us sometimes put us in the position of trying to protect the company from their actions without stepping on any toes. I would try to see if you can change your domain administrator account password to keep the same thing from happening again. You didn't mention the specific software, but I would do some searches to see if anyone has experienced security issues or if a penetration test or code review has been performed. There is a good chance that it has, if the software has seen much enterprise use. Good luck!
You should consider using anti-malware and/or antivirus software to scan it. Also consider doing some research on the software and where it was obtained. Google it and see if others have had security issues with it.

If you find that it has a bad track record, I suggest politely approaching whoever installed it and letting them know. Or better yet, send them an email with a head's up. That way you have a documented head's up that will protect you if the software causes problems.

Answer this