Page 17 - Cyber Warnings
P. 17
For example, MS Outlook security policy options are available to control:
How administrator settings and user settings interact in Outlook 2013
Outlook COM add-ins
ActiveX and custom forms security
Programmatic Access settings
Settings for Attachments, Cryptography, Digital signatures, Junk email, Information
Rights Management and Protected view
Similarly, fine grain security settings are available for Excel, Word, PowerPoint and Office, all
serving to mitigate vulnerabilities within the application that could be exploited by an attacker,
overall bolstering Ransomware defenses.
Likewise for contemporary browsers like Chrome, Firefox and Internet Explorer, antiphishing
controls should be enabled alongside other built-in security measures that are often disabled by
default.
Key Questions Regarding Desktop Application Hardening
Which settings need to be set and which are optional?
What are the implications in terms of user experience and application function if security
settings are enabled?
How do you actually apply the necessary secure configuration, and how do you do it in
bulk for your entire IT estate?
Help is at Hand: 5 Steps to Mitigate the Ransomware Threat
1. Hardening Homework: While organizations like The Center for Internet Security (CIS),
NIST and the National Vulnerability Database provide system hardening guidance, you’ll
still need to work out what is right for your users
2. Leverage Automation: Most scanners and FIM solutions will provide fast, automated
reports to establish where vulnerabilities exist, while the best options will also provide
remediation advice, or better still, Group Policy or Puppet templates to automatically
apply a hardened configuration to Workstations and their Applications.
3. Change Control: You’ll also need to make sure that patching is up to date as a further
means of closing of exploitable vulnerabilities, but think about getting more structured.
Change control is a key security best practice when done right, makes a cyber attack
much easier to detect and head-off before lasting damage is done
17 Cyber Warnings E-Magazine – July 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
