Bring Your Own Device is already normal in the United States: According to an Avanade study, in almost 90 percent of enterprises, at least half of the employees use their own mobile devices for their daily work. Many applications and apps are not up-to-date and have numerous vulnerabilities. This does not only apply to smartphones and tablets, but also to notebooks and PCs that are used in the home office, for example.
The danger
According to the latest annual report 2019 by the IT security specialist Secunia, 76 percent of the vulnerabilities in the 50 most-used programs on private PCs last year came to the account of third-party software such as Mozilla Firefox or Adobe Reader
Only 24 percent were found in Microsoft programs, including the Windows 7 operating system. Third-party software is the biggest threat to corporate end-users, so security should not be restricted to the known interfaces of the Microsoft programs Br>
Detect and analyze security gaps
Most of the vulnerabilities found were highly critical (68.2 percent) or extremely critical (7.3 percent). Over the top 50 most popular programs, Secunia discovered a total of 13,073 vulnerabilities in 2,289 vulnerable
Products. However, patches were already available for 79 per cent on the first day, so users themselves could ensure a high level of security for their devices.
Even if IT administrators have the appropriate permission, the variety of privately used devices, operating systems, and applications makes it virtually impossible to manually or semi-automate all patch mechanisms.
According to PwC's "Information Security Breaches Survey 2013" study, 14% of major companies last year reported a security or data protection incident in social networks, nine percent in smartphones or tablets, and four percent Cloud Services. Four percent reported that the worst security incident was caused by mobile data transmission.
How can companies control and reduce these security risks? The combination of weak point intelligence and weak point scanning offers a solution. This is used, for example, in the Secunia products Personal Software Inspector (PSI) for private users and Corporate Software Inspector (CSI) for companies. The various vulnerabilities in operating systems and third-party programs can be solved by using four steps at
1. Vulnerability Intelligence Management detects and analyzes the vulnerabilities of all operating systems and applications. This is done by specially trained experts who are looking for vulnerabilities with current scanning technologies, taking into account the findings of manufacturers and other vendors.
2. Vulnerability scanning uses this information to test the various software versions on all of the company's servers and devices for vulnerabilities. In this process, security gaps are detected and analyzed with respect to their threat potential by means of a file signature procedure. The responsible persons receive a detailed overview of all potential hazards and their possible impact on the business. They can then close the security gaps according to their urgency.
3. Patch creation is used to develop the software updates to close the security holes. This is usually done by the manufacturer of the operating system or the application as long as the version is in the active support lifecycle. In this case, the patch is usually played automatically. When the support is finished or is self-developed, the patch management solution provides the respective update.
4. Patch management manages the processes for eliminating security gaps. Here, rules for the scanning of self-developed programs, drivers and plug-ins can be individually created and adapted using appropriate tools. In addition, companies need to ensure a complete and comprehensive integration of the patch management module in deployment systems.
Then all security updates on devices and servers can be rolled over the familiar surface. Secunia's security approach examines more than 45,000 systems and applications. Each year about 10,000 new vulnerabilities are identified in applications, with about half of them classified as "critical". When these findings are integrated into the scanning process, the applications can be examined on all the company's servers and devices for security gaps - at least as far as the IT inventory is captured and managed.
The gaps are recognized by a file-signature procedure and broken down for each individual program with regard to their dangerousness for the company. Security officers are thus given a single console to provide a detailed overview of all identified vulnerabilities and their possible implications for the enterprise.
Creating and managing patches In order to be prepared for future dangers, it is usually not enough to wait for patches from manufacturers and to import them. Companies that use self-developed software must also create the "security patches" themselves and distribute them to their IT environment. Here, rule sets support the scanning of self-programmed applications, drivers, or plug-ins.
The corresponding vulnerabilities and patches can then also be inserted into the patch management solution. This is the only way to ensure that security officers are provided with the necessary visibility on which servers and devices the proprietary software is installed and can install the patches appropriately.
Finally, companies must also pay attention to a comprehensive integration of the patch management module into superordinate deployment systems. This includes the frequently used Windows Server Update Services (WSUS), the Microsoft System Center Configuration Manager (SCCM), and the Altiris Deployment Solution. This integration greatly simplifies patch management for the IT department by simplifying and accelerating the installation of security updates, regardless of deployed deployment systems.
This allows all patches, even those to remove vulnerabilities, to be distributed to servers and endpoints from the familiar interface of the deployment system. An even greater simplification and automation enable software development kits for the security solution. If they are available, the IT department can also transfer the management of the security updates to other client management systems and perform them through them.
No comments:
Post a Comment