– If a software product is installed on a company’s own equipment, on its own server, or in a private cloud (rented computing resources), it cannot be blocked. If the product is used as a “service” – providing access to software installed on the vendor’s servers or those of its partners – then such access can be blocked. However, it would require continuous monitoring to ensure that the address has not been changed, since such applications are not needed to have a permanent name like the websites of the banned social networks, and their addresses can even be changed automatically.
VK and OK.ru are essentially popular websites and brands associated with domain names, making these domains easy to block. The domains where accounting systems are hosted are not as well-known and do not have such popular names. In addition, a small program can be created that runs on the customer’s computer, and he will receive a new address whenever it needs to be changed – and that’s it.
Blocking through administrative means is feasible if the addresses from which, for example, cyberterrorists operate are monitored, but this is difficult because they change them dynamically. In short, this is complex work and I am not sure whether it can be done in practice. This question should be answered by information security specialists and government authorities responsible for cybersecurity.
Furthermore, the Union of Business Automators continues to operate, offering training courses and licensed access to BAS. If this union were banned, a large number of Ukrainian enterprises would be at risk, as their accounting is maintained using this software.
Therefore, in the context of prohibitions, economic security must also be taken into account. Yes, 1C/BAS are hostile products through which russians may be able to conduct espionage or gain leverage over Ukrainian enterprises. They are, in a sense, an “atomic bomb” in cyberspace. But they must be eliminated competently and gradually, taking into account the number of users, so as not to disrupt business operations and to give time for migration to new systems.
Unfortunately, as a country, we are currently dependent on 1C/BAS. This is comparable to the “Druzhba” oil pipeline: if we want to receive funding from the EU and later join the bloc, we were forced to unblock the pipeline and allow the enemy to earn revenue from oil exports for some time. The situation here is similar: banning this software in the commercial sector is a significant step and must be carefully prepared.