By Dr. Daniel Osafo Harrison
@Elevate Xchange Advisor and Contributor
© Elevate Xchange 10/30/2022 All rights reserved.
The advancement in mobile applications have made it possible to download various applications for free. As a result, there is an app for almost everything. However, while some apps may simplify our work or improve productivity, they may be dangerous for the enterprise network environment.
Often, free software is infested with worms, trojans or utilizes zero security coding best practices, thereby making enterprise networks and systems vulnerable to internal and external attacks. A vulnerability is a ‘hole’ or ‘weakness’ in any software or operating system that a knowledgeable and determined attacker can exploit. Hence the need to avoid downloading third-party free apps or paid apps onto organization-issued workstations and Laptops without authorization.
Mitigating Freeware Vulnerabilities
· Establish enterprise-wide security awareness training program
· Use application whitelisting to protect infrastructure from potentially harmful programming.
· Implement configuration management and patch management controls to keep enterprise systems secure using NIST SP 800-128 and NIST SP 800-40 guidelines and best practices.
· Reduce attack surface areas by segmenting networks into logical parts by functional groups.
· Require multi-factor authentication and enforce the principle of least privilege (POLP) using NIST SP 800-53 r5 or ISO 27004 guidelines and best practices.
· Employ robust endpoint security program throughout the enclave using NIST SP 800-83 guidelines for malware protection and SP 800-94 guidelines and best practices for intrusion detection and intrusion prevention.
· Deploy security information and event management with integrated tools to monitor traffic within the enterprise network perimeters (enclave) using NIST SP 800-137 guide and best practices for continuous monitoring and NIST SP 800-42 guidelines and best practices for enterprise network protection.
· Analyze access logs and verify all anomalies.
Conclusion
In a nutshell, using unauthorized software can create severe security issues that can lead to Distributed denial of service attacks (DDoS) or disclosure of sensitive information such as cryptographic keys, enterprise proprietary information, and sensitive email, resulting in reputational damage, financial loss, and regulatory fines to the organization.
ABOUT THE AUTHOR
Dr. Daniel Osafo Harrison,
DCS, C|CISO, CISM, CISA, CRISC
Dr. Harrison is a Doctor of Computer Science in Information Assurance, Chief Information Security Officer (CISO), Chief Privacy Officer, and Executive Board Advisor. Dr. Harrison is US Army Combat Veteran with expertise in Local Government, Industrial Control System, Laboratory Information Systems, DoD Information Systems, and Enterprise Network Security.
Dr. Harrison is a solution oriented, transformational CISO with expertise across all information security facets. A cybersecurity expert with top US security clearances and a record of exemplary service building and leading multiple cybersecurity task forces across various US military branches, local government, and highly regulated industries. A change agent and servant leader who drives needed organizational transformations and turnarounds that optimize the security of mission-critical data, systems, and people and inspire individuals and teams to learn more, achieve more and serve as a vessel for service excellence to others and the organization.
Dr. Harrison can be reached at daniel@docharrison.org and on LinkedIn at
Comments