Employee freedom, sophisticated malware and vulnerable applications all pose significant threats to the manageability and security of an organization. Despite attempts to lock down systems and implement security applications that fight malware, the problem continues to persist. To stem the tide against ever-increasing security risks, organizations need to implement proactive controls that define what and how applications can run on a system – thereby blocking the bad and allowing the good.
Neither security policies nor user education prevents employees from downloading potentially vulnerable applications or unknowingly downloading malicious software. Introduction of these applications potentially destabilize not only the security of the system but its ability to function. Unsupported applications wreak havoc and generate additional desktop support calls. As a result, Helpdesk technicians spend additional cycles ascertaining what applications are present and troubleshooting how the unsupported applications impacted the system. Meanwhile IT is left to continually clean-up the mess of unwanted or malicious software.
Although organizations maintain vigilance against outside attacks through use of anti-malware products, the concerns over zero-day exploits continue to mount as attack vectors become increasing complex and frequent. However these products are only as effective as the current signatures installed on a system. Waiting for traditional malware vendors to account for the latest known attacks and for the system to receive an update leaves the system open to attack and infection. Instead of waiting for the attack to execute and containing the threat, administrators need to be in the driver seat by authorizing applications and defining the privileges those applications have on a system.
Effective application security increases in importance as the number of regulations impacting organizations continues to grow. Many regulatory and governmental guidelines, such as HIPAA, Sarbanes-Oxley, FISMA and PCI, require that IT security demonstrate the ability to lock down access to critical applications and protect those systems from exploit or data loss. Proper application controls ensure that unidentified or unauthorized personnel do not have access to the critical data and thereby have the opportunity to manipulate the information or the system.
Application Control Solution provides administrators with a policy-driven mechanism for identifying the software programs running on computers under management, and controlling the running of software programs at execution. Application control can improve system integrity, security and manageability – which will ultimately lower the total cost of ownership and aid in corporate and regulatory compliance.
ACS 90 Second Tour
