Are your legacy software applications letting hackers in?
Date: Feb 19, 2018
Guest Post: Chris Lund
It’s a real challenge for any IT administrator to stay on top of network security against a constantly changing threat landscape.
The traditional network edge is now all but non-existent thanks to BYOD, homeworking and cloud-based software, and there are inevitable compromises to the hardness of network security as a result.
While it’s a considerable task to keep up to date with the various patches and updates for the newer tools, when breaches do happen, it’s often through older legacy tools that hackers gain access.
It’s hardly surprising: business software and infrastructure has evolved enormously in the last few years. Those platforms on which businesses have been reliant on for 10, 15 years or more, were conceived for a different – dare I say a more innocent – era. They were designed to be housed in closed networks with less devices and as a result their security features fine for the times – are now no longer fit for purpose.
Exacerbating the problem, if those platforms are no longer the backbone of your business software stack, but now fulfill a supporting role, then it’s quite feasible they’ve not received the attention they should from your system admins.
And this is exactly the weakness which hackers thrive on, and through which so many large-scale breaches have been instigated.
Now you might be thinking that old database of outdated customer contacts is of no value to a hacker. But to do so is to misunderstand the dynamics of a hacking attack completely.
The truth is, legacy platforms are often the gateway into the system that eventually leads to a far more serious breach.
Credentials based attacks primarily involve hackers gaining access to weaker parts of the network, such as those legacy applications, using stolen credentials. They then use these as a platform to move laterally through the network, often over an extended period of time, eventually gaining access to core systems and critical business data through re-used passwords, sloppy integrations, or by installing key loggers on unsuspecting users’ machines. In unprotected networks, this can cause havoc, leaving the door open to subsequent follow-up attacks or crippling loss of data.
Scary stuff. So, what can be done about it?
Multifactor authentication solution providers (MFA) make much of their abilities to easily protect the latest web apps and end point devices with a tokenless, single-sign-on MFA solution.
But that’s not where our partner, SecurAccess’ protection capabilities end. Far from it. SecurAccess is designed to integrate with all major firewall, VPN and network infrastructure tools to enable you to ensure network-wide security MFA protection.
Plus, the beauty of implementing tokenless MFA at the network level is that it works in tandem with your firewall.
In doing so, not only does it enable authentication at the network edge, it allows multiple SSO access levels for different user groups, or enforces authentication when access to other, higher value areas of the network is requested. By authenticating at the traffic level, using a solution such as this means that even where the attacker has managed to obtain correct username and passwords, they are blocked from establishing further access.
From a security perspective this is powerful stuff: It’s not quite the silver bullet in dealing with sloppy password practices and malicious phishing attacks, but it’s a powerful tool in your armoury.
Learn more about how SecurAccess works with Cisco, Citrix, Palo Alto and other infrastructure providers to deliver network-wide security, by requesting a call with one of our consultants here.