EWOTEE Ep 4: User Application Hardening

November 8, 2021 By Melissa Hoarau

User Application Hardening

Hi everyone, and welcome to this week’s episode of Eight Weeks of the Essential Eight. This week we’re going to explore the Essential Eight strategy User Application Hardening, and how you can achieve Maturity Level One.

The ACSC defines this strategy as:

Essential 8 Mitigation Strategy 5: User application hardening to configure web browsers to block Flash (ideally uninstall it), ads and Java on the internet. Disable unneeded features in Microsoft Office (e.g., OLE), web browsers and PDF viewers.

What is user application hardening?

When applications are installed, many of us are guilty of clicking NEXT until we get to the ‘install’ button.

By default, many apps enable functions that users don’t need while also shipping with weaker security settings. By simply clicking through the default installation wizard, we may be opening opportunities for cyber attackers to infiltrate our systems through unneeded features or lowered security settings.

This is especially true for applications like web browsers, email clients, PDF software, or Microsoft Office apps because these can be vectors for malware and are more likely to be targeted by adversaries. User application hardening isn’t nearly as intimidating as some of the other strategies, so it’s easy to overlook it. It’s a bit like dusting your fans or cleaning your blinds – you know it will get done, someday, when you find the time. But while we can live with dust or cobwebs, we can’t allow applications with inadequate security settings to remain on our networks.

So, think of user application hardening as a bit like a spring clean of all your applications. By going through your apps, uninstalling features that are unimportant, and setting unique passwords and usernames instead of default details, you make it significantly harder for adversaries to take advantage of your systems.

User Application Hardening Tips

TIP 1:

The best place to start is by obtaining a list of the applications installed on your systems and removing the apps that provide little or no value. The applications that remain on your network after the cull should be configured according to user application hardening recommendations. Most vendors publish hardening guides for their software, so take the time to review industry best practices for the applications on your network and configure them accordingly.

TIP 2:

Additionally, ensure you remove application features that you do not need, and install to non-default program folders, since cyber attackers often seek out the default installation locations. You can also run vulnerability scans using tools (such as Nexpose, SAINT or Nessus) to locate vulnerable files and applications.

TIP 3:

Finally, use a web browser plugin or web filtering gateway to block online ads, as cyber attackers often create malicious ads (called ‘malvertising’) to compromise websites and systems.

Implementing User Application Hardening: Maturity Level One

Now, for those of you who are keen to align with Maturity Level One, let’s delve a little more into the specific requirements.

Web browsers do not process Java from the internet

While Java once enabled a host of features and effects on websites that weren’t possible in older HTML specifications, these days most of the features Java brought to the table can be delivered with HTML5, meaning Java is no longer needed for advanced features on websites. That matters because Java can be a vector for malware, especially if you are running older versions with vulnerabilities that malicious sites can exploit to infect your system.

Many business applications still rely on Java, but you don’t need to block it everywhere; you just need to block it from untrusted or uncontrolled sources, namely the internet and your web browsers.

Web browsers do not process web advertisements from the internet.

Web pop-ups and advertisements aren’t just annoying; they can also be a conduit for malware and nefarious entities, which is often referred to as ‘malvertising’. Malvertising is the use of malicious online advertisements to spread malware and compromise systems by injecting unwanted or malicious code into ads.

You should ensure your organisation employs a means to block web advertising as much as possible. This can be done via Active Directory or Group Policy Objects and can be supported by content filters on web browsers and applications.

Web browser security settings cannot be changed by users.

There’s no point in implementing web browser security controls if your users can just disable them at will. Thus, the ability to modify security controls should be limited to as few administrators as possible, and the ability to disable or modify browser security settings should be removed from your standard user accounts and workstations.

As with application control, you can use mobile device or desktop management solutions to apply user application hardening on devices. Such solutions include:

  • Microsoft: Microsoft Intune
  • Apple: JAMF
  • SOPHOS endpoint management
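The three Maturity Level One controls above (block ads, block untrusted content, and stop users changing the settings) come down to one practical question on a Windows fleet: are the browser policies actually present as machine-wide, enforced policy, rather than as preferences a user can flip back? The PowerShell audit below is an added example, not code from the eStorm post or from the ACSC. It reads the machine policy hive (HKLM:\SOFTWARE\Policies), which is where Group Policy writes Edge and Chrome policy values and where an MDM such as Intune delivers the same ADMX-backed settings; a value set there is enforced by the browser and greyed out in its settings page for a standard user. The policy names used are the documented Microsoft Edge and Chromium policy names; the expected values are an assumed hardening baseline for this example, not an ACSC-mandated list, and the ad-blocker extension ID is a placeholder you would replace with the ID of whatever blocker your organisation deploys.

```powershell
#Requires -Version 5.1
# Added example (not from the eStorm post or the ACSC): audit a Windows workstation for
# the machine-wide browser policies that back the ML1 user application hardening controls.
# Values under HKLM:\SOFTWARE\Policies are enforced by Edge/Chrome and cannot be changed
# by a standard user from the browser's settings page, which is the "settings cannot be
# changed by users" requirement. Expected values below are an assumed baseline.

$EdgeKey   = 'HKLM:\SOFTWARE\Policies\Microsoft\Edge'
$ChromeKey = 'HKLM:\SOFTWARE\Policies\Google\Chrome'

$Baseline = @(
    # Ad and pop-up blocking: supports "browsers do not process web advertisements".
    @{ Browser = 'Edge';   Key = $EdgeKey;   Name = 'AdsSettingForIntrusiveAdsSites'; Expected = 2 }  # 2 = block
    @{ Browser = 'Edge';   Key = $EdgeKey;   Name = 'DefaultPopupsSetting';           Expected = 2 }  # 2 = block
    # SmartScreen blocks known-malicious URLs and downloads (e.g. malvertising landing pages).
    @{ Browser = 'Edge';   Key = $EdgeKey;   Name = 'SmartScreenEnabled';             Expected = 1 }  # 1 = on
    # Developer tools off so users cannot tamper with policy-installed extensions.
    @{ Browser = 'Edge';   Key = $EdgeKey;   Name = 'DeveloperToolsAvailability';     Expected = 2 }  # 2 = disallowed
    @{ Browser = 'Chrome'; Key = $ChromeKey; Name = 'AdsSettingForIntrusiveAdsSites'; Expected = 2 }
    @{ Browser = 'Chrome'; Key = $ChromeKey; Name = 'DefaultPopupsSetting';           Expected = 2 }
    @{ Browser = 'Chrome'; Key = $ChromeKey; Name = 'DeveloperToolsAvailability';     Expected = 2 }
)

# Placeholder: replace with the Web Store ID of the ad-blocking extension you deploy.
$AdBlockerExtensionId = 'REPLACE_WITH_YOUR_ADBLOCKER_EXTENSION_ID'

function Test-BrowserHardeningPolicy {
    # Compares each baseline entry with the registry and emits one result object per policy.
    [CmdletBinding()]
    param([Parameter(Mandatory)][hashtable[]]$Policies)

    foreach ($p in $Policies) {
        $actual = $null
        if (Test-Path -Path $p.Key) {
            # Missing value -> $null (SilentlyContinue), which we report as "not set".
            $actual = (Get-ItemProperty -Path $p.Key -Name $p.Name -ErrorAction SilentlyContinue).($p.Name)
        }
        [pscustomobject]@{
            Browser   = $p.Browser
            Policy    = $p.Name
            Expected  = $p.Expected
            Actual    = if ($null -eq $actual) { 'not set' } else { $actual }
            Compliant = ($null -ne $actual) -and ([int]$actual -eq $p.Expected)
        }
    }
}

function Test-ForcedExtension {
    # ExtensionInstallForcelist is a subkey whose numbered values hold "<extension id>" or
    # "<extension id>;<update url>". True if the given extension is force-installed.
    param([Parameter(Mandatory)][string]$Key, [Parameter(Mandatory)][string]$ExtensionId)
    $listKey = Join-Path -Path $Key -ChildPath 'ExtensionInstallForcelist'
    if (-not (Test-Path -Path $listKey)) { return $false }
    $entries = (Get-ItemProperty -Path $listKey).PSObject.Properties |
        Where-Object { $_.Name -match '^\d+$' } |
        ForEach-Object { [string]$_.Value }
    return [bool]($entries | Where-Object { $_ -match ('^' + [regex]::Escape($ExtensionId) + '(;|$)') })
}

$results = @(Test-BrowserHardeningPolicy -Policies $Baseline)
$results += [pscustomobject]@{
    Browser = 'Edge'; Policy = 'ExtensionInstallForcelist (ad blocker)'; Expected = 'present'
    Actual  = if (Test-ForcedExtension -Key $EdgeKey -ExtensionId $AdBlockerExtensionId) { 'present' } else { 'missing' }
    Compliant = Test-ForcedExtension -Key $EdgeKey -ExtensionId $AdBlockerExtensionId
}

$results | Format-Table -AutoSize
$failed = @($results | Where-Object { -not $_.Compliant })
if ($failed.Count -gt 0) {
    Write-Warning ("{0} of {1} baseline browser policies are missing or mis-set on {2}" -f $failed.Count, $results.Count, $env:COMPUTERNAME)
    exit 1   # non-zero so an RMM or Intune remediation script can act on the result
}
```

Run it as a scheduled compliance check or as the detection half of an Intune remediation script; a non-zero exit means the workstation has drifted from the baseline. The important design choice is reading HKLM rather than HKCU: a value under the user hive is a preference the user (or malware running as that user) can undo, whereas a machine policy requires local administrator rights to change, which is exactly what Maturity Level One asks you to take away from standard accounts.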

And that’s it for this episode everyone! As usual, if you have any questions please feel free to email me, and I’ll see you next week.

© 2022 eStorm Australia. All Rights Reserved.

Terms of Service | Refund Policy | Privacy Policy | Social Responsibility Policy