Teaching Old Dogs New Tricks

Many legacy apps are running the day-to-day core business functions at enterprises – trading platforms, airline ticketing, core banking suites, etc. They’re accessing highly valuable data across networks to provide essential business functions.

However, while new applications are developed using modern development trends and security protocols, these critical legacy applications are not. Instead, their security rests on opaque, unchangeable, closed protocols, and often there is no support for single sign-on, including RADIUS or SAML. The result? Huge risk, as core mission-critical assets are open to attack.

To protect their networks and data, organizations across the globe need to ask themselves how they can bridge the gap between legacy applications and modern security solutions. 

The threat of legacy apps or how these ‘old dogs’ can put the organization at risk 
Legacy applications require older IT environments and software – from operating systems and databases to specific hardware. While applications are developed using modern development trends, there is also a large proportion of them that are legacy.

For example, older applications are still used in running the day-to-day core business functions at many organizations and often have access to highly valuable data across networks.

However, the adoption of cloud services, employee mobility and increased inter-organization collaboration has shifted today’s modern enterprise towards a new, dynamic environment. Indeed, the growth in the number of devices moving both inside and outside the perimeter has stretched the traditional security model used by enterprises beyond recognition. What seemed secure years ago may no longer be secure today.

In this dynamic environment, legacy apps are progressively targeted by cyber-criminals in an attempt to breach the organization’s perimeter and penetrate the network. Those applications act as a gateway for malicious actors to exfiltrate sensitive data, hold assets to ransom or wreak havoc in other ways.
 
How to identify instances of legacy apps within the infrastructure 

Security teams need to gain an understanding of each application within their network and find out how it interacts with external entities as this will help them identify potential security threats. 


Proactively scanning and analyzing applications can help organizations identify their weakest links and reveal vulnerabilities found in services running on their system, such as open ports on devices that could allow malicious apps to run or communicate on them.

In addition to scanning for application vulnerabilities and patching them, enterprises should also carefully limit access to sensitive applications to only those users who need it for a business purpose. This protects applications with known and unknown vulnerabilities from exploitation by hackers who may be lurking in a network.

How to introduce security when it wasn’t built in and can’t be added directly 
Safeguarding old applications is a necessity in today’s evolving threat landscape. To avoid any unpleasant surprises, organizations need to monitor all applications, both new and legacy, to understand the state of their security landscape.

In addition, today’s networks are far too open, which is a root cause of the many successful attacks and breaches affecting the IT industry. Also, legacy apps are contributing to the issue. Thus, network access to systems – even without login credentials – is a privilege that must be managed. Organizations need to ensure that users and devices are securely on-boarded and validated before any access is permitted. 

A zero-trust model using software-defined perimeter technology dictates that you verify first, then allow access to only what is needed and authorized. So, in the case of an APT, if a legitimate user's password is compromised, applications are still secure because multiple thresholds would have to be met before access to resources is granted.

Keeping applications and services that a user is not authorized to access hidden behind invisible doors helps to prevent intruders armed with stolen credentials from finding and exploiting valuable network assets.

As enterprises continue to steadily transition to cloud-based infrastructure, so do their security risks. But often, companies forget that old technologies pose serious risks too, including increased security threats, loss of productivity and data corruption.

The adoption of emerging technologies, like a software-defined perimeter, can significantly reduce attack surfaces and decrease the risk of a major security incident.
