Support Your Local Software

By Steve Gold
Posted in Security
On May 09, 2023

Hopefully by now you’re seeing a trend. You need full visibility into your environment, and you also need the capability to remove any unauthorized assets or software once you find them. I know this may seem kind of basic, but remember, we are only at Control 2. Wait till we get to Control 17 and start discussing Incident Response. But let’s not get ahead of ourselves just yet. After all, we are working with a prescriptive, prioritized, and simplified set of best practices.

In the previous blog, I shared the many different types of software/applications that exist in your environment: the ones installed by your corporate IT, the ones installed by default by the hardware vendor or required by the VM vendor, and then those incredibly amazing apps that your users are downloading and installing themselves. Boy, do we love those.

Today, we’re going to talk about ensuring that whatever software you have, and know about, is supported. Now, supported can mean a few things:

  • Supported by the manufacturer, i.e., the product (and the release branch you run) is still within the vendor’s support lifecycle and has not reached end of life
  • Supported from a version perspective, i.e., patched/updated to a current release rather than sitting several builds behind
  • Supported from a security perspective, i.e., no known vulnerabilities remain unremediated in the version you have installed

The visibility of knowing what software you have (version/build) and where it lives is only half the battle. The other half is knowing whether that version is supported, patched, and secured. Those are three separate questions: a product can be on its latest build and still be end of life, and software that is out of support will never get a fix for the next vulnerability found in it, so the decision is not just “is it patched today” but “can it still be patched tomorrow.” Fortunately, there are many commercial off the shelf (COTS) tools that can do this automatically. However, if you’re one of those people who likes to spend hours searching through websites for this info and then comparing it to a spreadsheet, you can do that as well.

Here’s the CIS definition of this Control/Safeguard:

CIS Control 2 - Inventory and Control of Software Assets

Actively manage (inventory, track, and correct) all software (operating systems and applications) on the network so that only authorized software is installed and can execute, and that unauthorized and unmanaged software is found and prevented from installation or execution.

Implementation Group 1

CIS Safeguard 2.2 - Ensure Authorized Software is Currently Supported

Ensure that only currently supported software is designated as authorized in the software inventory for enterprise assets. If software is unsupported, yet necessary for the fulfillment of the enterprise’s mission, document an exception detailing mitigating controls and residual risk acceptance. For any unsupported software without an exception documentation, designate it as unauthorized. Review the software list to verify software support at least monthly, or more frequently.
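To make the safeguard concrete, here is an added example of the cross-check it describes, written for this post and not taken from CIS, from any vendor tool, or from the author’s own tooling. It takes an inventory (product, version, host), a vendor support-lifecycle table, a list of advisories with the version that fixed them, and a set of documented exceptions, and classifies every installation as authorized, exception, or unauthorized, then checks whether the monthly review is overdue. Every product name, version, date, and advisory identifier below is constructed sample data, and the table layouts are assumptions of this example rather than the format of any real feed.

```python
"""Cross-check a software inventory against support lifecycle, patch level and
known-vulnerability data, the way CIS Safeguard 2.2 asks for.

All tables below are constructed sample data; product names, versions, dates
and advisory IDs are fictional, and the table shapes are this example's own
assumptions, not the format of any real vendor feed or tool."""

from datetime import date, timedelta

# Constructed inventory: what is installed, which version/build, and where.
INVENTORY = [
    {"host": "web-01", "product": "ExampleHTTPd",  "version": "2.4.58"},
    {"host": "web-02", "product": "ExampleHTTPd",  "version": "2.2.34"},
    {"host": "db-01",  "product": "ExampleDB",     "version": "9.1.2"},
    {"host": "db-02",  "product": "ExampleDB",     "version": "9.1.4"},
    {"host": "hr-01",  "product": "LegacyPayroll", "version": "3.0.0"},
]

# Constructed vendor lifecycle, keyed by (product, major.minor branch): the date
# the branch stops receiving fixes (None = no announced end of support).
SUPPORT = {
    ("ExampleHTTPd", "2.4"): None,
    ("ExampleHTTPd", "2.2"): date(2017, 7, 11),
    ("ExampleDB", "9.1"): date(2027, 3, 31),
    ("LegacyPayroll", "3.0"): date(2020, 1, 1),
}

# Constructed advisories: the version in which each fix shipped.
KNOWN_VULNS = {
    "ExampleDB": [{"id": "EXAMPLE-2023-0001", "fixed_in": "9.1.4"}],
}

# Constructed documented exceptions (mitigating controls plus residual-risk
# acceptance, as Safeguard 2.2 requires), each with an expiry date so that the
# exception itself gets re-reviewed instead of living forever.
EXCEPTIONS = {
    ("LegacyPayroll", "3.0.0"): {
        "expires": date(2024, 12, 31),
        "mitigation": "isolated VLAN, no inbound from user network, weekly restore test",
        "accepted_by": "CISO",
    },
}


def _to_date(d):
    """Accept either a date or an ISO string such as '2023-05-09'."""
    return date.fromisoformat(d) if isinstance(d, str) else d


def parse_version(v):
    """'9.1.4' -> (9, 1, 4) so versions compare numerically, not as strings
    (assumes dotted numeric versions; '9.10' correctly sorts after '9.2')."""
    return tuple(int(p) for p in v.split("."))


def branch_of(v):
    """'2.4.58' -> '2.4': the major.minor branch the lifecycle table is keyed on."""
    return ".".join(v.split(".")[:2])


def evaluate(entry, as_of):
    """Return the reasons this installation is not currently supported.
    An empty list means it passes all three checks (vendor, patch, vulnerability)."""
    as_of = _to_date(as_of)
    reasons = []
    key = (entry["product"], branch_of(entry["version"]))
    if key not in SUPPORT:
        # Unknown to the lifecycle table: treat as unsupported until someone proves otherwise.
        reasons.append("not in support lifecycle table (unknown product/branch)")
    else:
        eol = SUPPORT[key]
        if eol is not None and eol <= as_of:
            reasons.append(f"branch {key[1]} end of support {eol.isoformat()}")
    for adv in KNOWN_VULNS.get(entry["product"], []):
        if parse_version(entry["version"]) < parse_version(adv["fixed_in"]):
            reasons.append(f"unpatched {adv['id']} (fixed in {adv['fixed_in']})")
    return reasons


def classify(inventory, as_of):
    """Map each inventory entry to authorized / exception / unauthorized.
    Unsupported software is unauthorized unless a documented, unexpired exception exists."""
    as_of = _to_date(as_of)
    results = []
    for entry in inventory:
        reasons = evaluate(entry, as_of)
        status = "authorized"
        if reasons:
            exc = EXCEPTIONS.get((entry["product"], entry["version"]))
            status = "exception" if exc and exc["expires"] > as_of else "unauthorized"
        results.append({**entry, "status": status, "reasons": reasons})
    return results


def review_overdue(last_review, as_of, max_days=31):
    """Safeguard 2.2 asks for a review of support status at least monthly."""
    return (_to_date(as_of) - _to_date(last_review)) > timedelta(days=max_days)


if __name__ == "__main__":
    today = "2023-05-09"
    for r in classify(INVENTORY, today):
        print(f"{r['host']:7} {r['product']:14} {r['version']:7} {r['status']:12} "
              f"{'; '.join(r['reasons'])}")
    print("review overdue:", review_overdue("2023-03-01", today))
```

Two design points worth noting. First, an installation that is missing from the lifecycle table is treated as unsupported rather than silently passing, because an inventory you cannot map to a vendor lifecycle is exactly the “unmanaged software” Control 2 is trying to surface. Second, the exception carries its own expiry, so once it lapses the software flips back to unauthorized on the next monthly run instead of staying grandfathered in indefinitely.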

Steve Gold

Steve Gold is Gotham’s Cybersecurity Practice Director. During his more than 20-year career, Steve led teams responsible for developing and implementing technology solutions at some of the industry’s most recognized companies, including Dell and VMware. His expertise includes Cloud Computing, Channel Development, Territory Management, and Government Sales. For the past decade, Steve focused on helping State, Local, and Educational organizations secure their data and worked to assist them in implementing technology solutions that address their major business challenges.