Australia, Mar 7, 2024
Published by Logicalis Australia
Author: Shane Borczuch
Make Cyber-attacks Harder with Application Hardening
For a head of IT or a Chief Security Officer, there's nothing greater than power and control, except perhaps for coming in under budget and on time for a project.
In the battle against cyber criminals and human error, greater control can make all the difference. That's where cybersecurity strategies like application hardening emerge as a crucial component. Application hardening fortifies software to only allow trusted, verified and required applications and system functions to operate, making it harder for attackers to exploit.
Application hardening is an essential cybersecurity strategy
Application hardening is a security practice that reduces an application's attack surface and minimises risk by whitelisting only the trusted and verified applications deployed to managed endpoints. The practice falls under another common security principle: providing the least functionality. While applications often sell their functionality by spruiking the 'bells and whistles', application hardening is about limiting capabilities and functions back to what is necessary.
Application hardening and limiting administrative privileges are two of the eight mitigation strategies recommended by the Australian Signals Directorate (ASD) to protect Australian organisations from growing cyber threats. These Essential Eight strategies are the most effective approach to improving an organisation's security posture. Other strategies include multi-factor authentication (MFA), regular backups and patches for apps and operating systems, and restricting macro settings.
In 2018, Australia introduced the Security of Critical Infrastructure Act (SOCI Act) to protect critical assets across the energy, utilities and ports sectors. In response to the COVID-19 pandemic, the Government then extended coverage beyond these sectors to other essential services, including financial services, transport, healthcare, food and groceries and education. The Essential Eight is a vital security framework that helps organisations in these industries comply with the SOCI Act.
Why is application hardening important?
If being part of the Essential Eight isn't enough reason to adopt user application hardening, here are some additional points to consider.
An application hardening solution from Logicalis involves a complete implementation of partner products to achieve application whitelisting and privilege access control. The solution protects against a range of threats, including malicious websites, ads that run malicious scripts and exploits of vulnerabilities in unsupported software. These attacks can look and act like legitimate functionality, repurposing it for malicious intent, including phishing. Phishing remains one of the most common attack methods against individuals and businesses.
In its latest annual cyber threat report, the ASD shared details on recent critical cybersecurity incidents in Australia. The report uses a 6-tier category system, C1 to C6, where C1 is the worst; there were no C1, 5 C2 and 171 C3 level incidents over the year. One in five of the incidents at the C3 level, which includes attacks on critical infrastructure, featured exploits from public-facing applications.
In actual examples provided in the report, the ASD showed that cyber criminals were also targeting application exploits less than 48 hours after patch release dates, and were still succeeding with attacks even two years after patches were released.
Many organisations don't know how many apps they have, and the actual number can come as a shock. According to the latest connectivity report from Mulesoft, organisations have an average of 991 applications across their digital estate. That's a significant number of applications for any IT team to stay on top of.
An excellent place to begin with application hardening is to audit and identify the apps running across an organisation. A trusted partner like Logicalis can help an organisation understand its overall environment. They can advise how to reduce the number of unnecessary apps, find alternatives and streamline processes and techniques for efficient application lifecycle management.
Another action to take is application whitelisting or allowlisting. Although considered part of Application Control in the Essential Eight, application whitelisting focuses on indexing and providing only approved software and executable files. Application hardening goes beyond whitelisting to specify what applications can run and do on a specific device. In the same way that staying on top of the fine print is crucial for legal matters, for information technology, the detail is in the configuration settings.
Limiting the complexity of applications can make it easier to monitor and detect suspicious activity in a hardened environment. All these actions help to improve an organisation's overall security posture.
So, regardless of whether your organisation needs to comply with the SOCI Act, or you just want to improve your overall security posture, application hardening is an essential cybersecurity strategy to explore.
With more than 25 years of experience, the team at Logicalis are ready to help you understand your environment and improve your cybersecurity stance. With a global team of more than 7,000 architects, your organisation can benefit from the deep expertise and strong partnerships that Logicalis have with products and technologies from leading vendors such as Microsoft and Ivanti.
Contact our team to discuss how user application hardening can improve your cybersecurity posture.