- Sponsored
Managing application permissions to minimize potential attack surfaces
A key strategy for protecting government enterprises against damaging cyberattacks is implementing a zero-trust approach that emphasizes least-privilege access principles. That involves not only limiting users' access on a need-to-use basis, but also limiting the permissions granted to applications, says ThreatLocker CEO and Co-Founder Danny Jenkins in a new podcast interview for CyberScoop.
“The reality is, every application you run has excessive privileges,” says Jenkins. “This is because ease of use comes with consequences. We need to understand what applications are running on our systems and what permissions they truly need.”
Jenkins outlines a three-step process for managing application permissions:
- Understand: Get a complete inventory of applications and their existing permissions. Tools like ThreatLocker’s Health Report can help.
- Simulate: Define a policy for each application’s permissions and test it in a simulated environment. Observe user behavior and identify any necessary adjustments.
- Restrict: Implement the final policy and limit each application's access to only the resources it absolutely needs.
Restricting internet access for applications is crucial to preventing exploits like the infamous SolarWinds attack, according to Jenkins. Beyond limiting internet access, tools like ThreatLocker’s Ringfencing can help define and regulate granular access control policies for applications.
“We can stop Office from talking to PowerShell, register, run DLL,” explains Jenkins. “We can stop Zoom from communicating with PowerShell, which it doesn’t need to do in the normal course of business.”
In addition, user education is critical. “Make sure your users know what permissions they’re granting when they download software,” says Jenkins. “We need to explain why applications are being blocked and how this protects their data.”