In this part we will create a very high-level view of the software protection to implement in your company. This subject should be covered in several books. However, let’s at least mention the basics and create a starting point.
Software usually falls into the following categories:
- Firmware
- Operating system
- Business applications, third party apps and tools
Firmware:
On your computer or smartphone this is the software that loads the operating system: a very small bit of software, but a very important one. There aren’t many accessible tools that offer protection here. The best you can do is keep your smartphone up to date and, if your computer has a “BIOS or firmware” update due, install it (on computers, ideally let IT carry this out, as there is a chance that the computer will never start again if power is disconnected during the update).
Operating system:
Here matters are more straightforward. From the low level up, here are the tools:
- Ensure the system and data drives are encrypted using BitLocker (if using Windows)
- Secure Boot is a must-have feature that must be turned on. (https://www.intel.com/content/www/us/en/support/articles/000006942/boards-and-kits/desktop-boards.html)
- Trusted endpoint protection (anti-virus/anti-malware) software is installed. We recommend Bitdefender Endpoint Security. (https://www.bitdefender.com/business/solutions/endpoint-security.html)
- The operating system MUST BE KEPT UP TO DATE! Do not ignore this under any circumstance. The easiest approach is to leave Windows Update on its default settings and not mess with it. In the past, administrators would disable or schedule updates because of low-bandwidth constraints and the lack of a system update schedule, but since Windows 10, updates rarely interfere with users’ work. Especially with remote workers, make sure updates are installing.
- Leverage Windows Hello or complex passwords to log into the operating system. Even if you are a small business, do not leave this turned off. Yes, it is annoying, but without this all of the above is rendered useless.
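The first four items of this checklist can be verified on a machine with a short PowerShell audit. This is an added example, not part of the original article; it assumes an elevated PowerShell session on a Windows client, uses a 35-day patch-age threshold chosen for illustration, and does not check the sign-in item.

```powershell
#Requires -RunAsAdministrator
# Added example: audits the operating system checklist on one Windows machine.
# Assumption: the 35-day patch window is an illustrative threshold, not from the article.
$MaxPatchAgeDays = 35
$results = [System.Collections.Generic.List[object]]::new()

function Add-Result([string]$Check, [bool]$Pass, [string]$Detail) {
    $results.Add([pscustomobject]@{ Check = $Check; Pass = $Pass; Detail = $Detail })
}

# 1. BitLocker: every system and data volume should report protection On.
try {
    foreach ($vol in Get-BitLockerVolume -ErrorAction Stop) {
        $detail = "$($vol.VolumeType), $($vol.VolumeStatus)"
        Add-Result "BitLocker $($vol.MountPoint)" ($vol.ProtectionStatus -eq 'On') $detail
    }
} catch {
    Add-Result 'BitLocker' $false "Could not query: $($_.Exception.Message)"
}

# 2. Secure Boot: the cmdlet throws on legacy BIOS systems, which cannot use it.
try {
    $secureBoot = Confirm-SecureBootUEFI -ErrorAction Stop
    Add-Result 'Secure Boot' $secureBoot 'State reported by UEFI firmware'
} catch {
    Add-Result 'Secure Boot' $false "Not available: $($_.Exception.Message)"
}

# 3. Endpoint protection: products registered with Windows Security Center.
#    This shows that a product is registered, not that its signatures are current.
$av = @(Get-CimInstance -Namespace root/SecurityCenter2 -ClassName AntiVirusProduct `
        -ErrorAction SilentlyContinue)
Add-Result 'Endpoint protection' ($av.Count -gt 0) ($av.displayName -join ', ')

# 4. Updates: age of the most recently installed hotfix that carries a date.
$last = Get-HotFix | Where-Object InstalledOn |
    Sort-Object InstalledOn -Descending | Select-Object -First 1
if ($last) {
    $age = [int]((Get-Date) - $last.InstalledOn).TotalDays
    Add-Result 'Windows Update' ($age -le $MaxPatchAgeDays) "$($last.HotFixID), $age days ago"
} else {
    Add-Result 'Windows Update' $false 'No dated hotfix found'
}

$results | Format-Table -AutoSize
# Non-zero exit code lets a management tool flag the machine.
if ($results.Pass -contains $false) { exit 1 }
```

Run across the fleet from a management tool, the exit code flags machines (remote workers' laptops in particular) that have drifted from the baseline.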
Business applications, third party apps and tools:
These are the most vulnerable and exploited.
Application lifecycle management needs to be implemented and adhered to. Most companies implement it initially, assign business application owners and quickly forget about the process. Then, when a security incident happens, the blame game starts.
Application lifecycle management sounds like a complex process, but it is not. In simple terms, it means designating a person as AO (application owner), who then manages the interaction between the software producer and IT to keep the application up to date on systems as updates are published, and to decommission the app when it is no longer needed. This is the person to whom bugs or errors related to the software are reported.