Computer security: controlling applications in risk management
By 2021, almost all companies that are in a position to do so are thinking about digitization.
Digital transformation is a concept that is often required by the present context that presents it as a need for possible evolution. However, digital is also settling with its drawbacks. Digital data is not so easily protected. And it's not that simple in a situation where physical control of things is hard to do. The it is therefore a significant risk.
Indeed, computer attacks are multiplying. Without seemingly to be able to stop the advance of cyber criminals, computer systems are under attack all over the world. Cyberattacks are more sophisticated than before. Hackers are much more enterprising, and are making moves they could never have done five years ago. The point of attack, due to several upheavals in recent times, (the adoption of large-scale telework for example) have multiplied. And the numbers confirm that. In 2019 alone, nearly 1 billion malware, mostly ransomware, were observed.
This article will also interest you: Mobile app security still not up to date
However, there are indeed ways to effectively combat this problem."These risks have led the cybersecurity community to develop application control technologies. Today, it is a pillar of terminal security strategies because it is both secure and flexible. Flexibility is important because some CIOs have a crippling approach and go so far as to completely block the installation of new software or updates on the terminals, in order to prevent a virus from taking advantage of it to infect the terminal. It's safe but doesn't allow teams to do their job properly because they're limited in the tools at their disposal," said Benjamin De Rose, DriveLock's Vice President of Southern Europe. Focus on flexibility. For this, the specialist says: "The control of applications – white listing and blacklisting – is a simple process that makes it possible to secure the computer system while providing sufficient freedom for teams to work smoothly. ».
In fact, the result of a study carried out in 2019 by the Ponemon Institute should be recalled. The study raised the fact that a large number of computer attacks were usually discovered only several months after they were carried out. On average, it took 279 days for a successful computer attack to be discovered. While we know that an infiltrated computer system without this being known, is a real danger to society. Not to mention the financial cost that could be conceded. The study estimated the problem at a loss of 1,000,000 euros per computer attack.
"So we have been faced with a dilemma for a while: on the one hand it is necessary to block attacks, on the other hand we must give enough freedom to the employees to work effectively. To solve this equation, application control is now enriched with artificial intelligence (AI). says Benjamin De Rose. For him: "AI combines two complementary approaches: blacklisting (blacklisting and not allowing them) and white listing (allowing only targeted applications); the first is more effective from a security point of view, but the second offers a significant fluidity for the staff. The two can be combined through prioritization rules: in case of conflict between two lists, the blacklist wins. So if a folder is whitelisted but an application is blacklisted, it can't be launched."
Therefore, application control is an important aspect in defining companies' IT security strategy. It can be summed up by means that this significantly reduces the attack surface. It also prevents the scheduled execution of malware on infected platforms upstream. Because specific rights to each application to be then defined from the deployment process. This is far from the major advantages of doing so.
Now access an unlimited number of passwords: