As the Petya Cyber attack begins to unfold across the globe, IT needs to take a closer look at software management on the endpoint and make sure protection is in place. For our next article in this series about the Center for Internet Security’s Critical Security Controls, we take a look at CIS Control #2. It reads as follows:
Inventory of Authorized and Unauthorized Software
Actively manage (inventory, track, and correct) all software on the network so that only authorized software is installed and can execute, and that unauthorized and unmanaged software is found and prevented from installation or execution.
Software Security Risks
On almost every computer in your facility, there are hundreds — if not thousands — of software programs that may or may not be necessary to the business interests of your company. The fact that these programs exist on the hard drive may not be a problem in itself, unless storage space is a problem, or unless they pose a security risk that could damage your entire operation. Every computer connected to the network, and every piece of software on it, if compromised with malware, ransomware, viruses, or any other kind of malicious programming, becomes an attack vector to your entire system.
Software isn’t perfect. Much of it is vulnerable to compromise. Hackers and attackers use black-hat targeting techniques to find ways of infiltrating your network to gain access and information. The authors of the software know this and regularly publish patches and updates to help you maintain the security of their products. But if you don’t know about all of the software running on your computers, and what version of the software is in use, how will you know what patches and updates to apply? This confusion is the complicated issue that our engineers address daily in support of Critical Security Control #2.
Endpoint Application Management and Ivanti Software
In partnership with Ivanti, NCSi engineers use Endpoint Application Management applications to make complete inventories of all the software running on every computer in your network. You want the total security of every application on your system, and that is what we deliver. You want to identify the beneficial business apps and keep them running. But you want the unauthorized, the insecure, the unknown, and the potentially dangerous software on those computers to be identified and dealt with.
Software Security To-Do List
In years past, your staff would have to inventory all the software and make a “blacklist” of those applications that weren’t allowed on the network – or conversely a “whitelist” of allowed apps. This manual method was time-consuming and quite error-prone. Using sophisticated Ivanti Endpoint Management applications, your team will be able to:
- Identify all software applications on all computers
- Identify all users of each piece of software
- Define and assign access policies for individual or groups of applications
- Control access according to licensing agreements
- Prohibit the operation of unauthorized software
- Stop the execution of unauthorized apps that have already started
- Monitor and track all activity and log it for further study and reference
With Ivanti Endpoint Application Management, you get well-documented security and control. Putting up a vigorous defense against ransomware, malware, and all types of malicious exploits is in your organization’s best interest. You want minimal to no disruptions of your business as usual. This is the purpose of CIS Control #2 as it relates to software.
NCSi can help you implement the CIS Controls
By creating a comprehensive inventory of all software applications, you finally get a grip on automated updates and patches that keep your network safe. Knowing who is using what software keeps unauthorized usage and licensing problems to a minimum. Add in the ability to stop or prevent malicious software from running in the first place, and you have the network system safety and security you want on a 24/7/365 basis. See our CIS Control Battle Plan here (2-page PDF).
CIS Control #2 prompts us to secure our software. With the help of our Endpoint Security Partner Ivanti, NCSi takes this concept to the limit. Contact us with any questions you may have or to have this high level of security installed into your organization today.