While many businesses understand the need for network level security practices in the form of firewalls, ISP filtering and public DNS precautions, less well-known are the security practices required to maintain adequate application level security.
Some malware is designed to bypass a firewall, burrow into existing applications and compromise security from within a computer or a business network. Furthermore, with the rise of business web applications that may or may not work within the auspices of a network firewall, security may be compromised through e-commerce applications, interactive programs on your business website, or other electronic channels of communication between your customers and your business. Finally, the possibility of internal sabotage from the desk of someone who already has access to your network should not be taken lightly in this day and age.
There are, therefore, a wide range of application level vulnerabilities that need to be patched in order to have a watertight security system. Each application needs to have its own monitor to determine whether or not it is behaving appropriately. Inappropriate application behavior can be caused by malware, direct hacking, or internal sabotage from a user who already has access to the system. Some of the ways that this behavior can be monitored and controlled are:
* Standards Validation - Make sure that a program's communication complies with protocol standards and shut it down if it doesn't. These standards are designed and/or implemented by a network administrator for this express purpose. If your network doesn't have explicit protocol standards, you can still have your network raise red flags if a particular action taken by an application doesn't adhere to expected usage.
For instance, if a file downloading program typically only downloads one file at a time, but that program is downloading all the files in the database, this may not be a violation of protocol standards, but it's certainly strange behavior that should be looked into.
* Data Limitation - If one application in a network is compromised, it's a problem that can be fixed. If the application sends corrupted data to other machines and programs in the network, which then replicate and send the malicious code, then you have an epidemic that can be nearly impossible to get a handle on. One of the most important parts of an application level security system involves limiting the amount of data that applications can send to one another.
* Application Control - If a web application is supposed to receive electronic payments and deposit them into a company bank account, that's all it should ever do. Application level security can ensure that it simply doesn't have the access to do anything else. This way, even if malicious code causes the application to attempt to re-route the payments to a hacker's account, your security won't allow it.
Outsourcing and Application Level Security
Maintaining a secure system is very difficult on the application layer, and requires the oversight of an information security professional. It's not that it requires constant monitoring, but it does require some attention in order to make sure that hacking attempts get shut down before they cause too much damage.
You have two choices: you can either hire a full-time information security professional to sit around for most of the day waiting for something bad to happen, or you can outsource your application level security to a trusted information security company for a lot less money, time and effort. The choice should be an easy one to make.
Contact Information:
Aaron Klimchuk
Director of Operations
press@leadstormmedia.com
0 komentar:
Posting Komentar