Protect Legacy Applications from Cyber Attacks
- Legacy applications are integral to most businesses and are heavily relied upon in the public sector
- Many legacy applications were written in a time when security was much less of a concern than today
- Isolation is the only solution that can absolutely eliminate kernel-level exploits and malware escapes
- Detection is obsolete and the future of cybersecurity defense is rooted squarely in virtualization
What makes an organization unique? Arguably, one characteristic is its proprietary operational systems and processes that generate sustainable competitive advantage. Legacy applications are integral to most businesses and heavily relied upon in the public sector. They also represent some of the most difficult attack vectors to secure.
According to Gartner, Inc.’s 2017 CIO Agenda survey, 51 to 60 percent of government core business applications were implemented between 1990 and 2009, depending on the tier of government. By comparison, top performing organizations in the private sector report 42 percent of their core business applications date from the same time period. Since many of these older applications also interact with modern inbound data sources—coupled with a dramatic rise in Windows kernel exploits that few defensive solutions can prevent—it’s no wonder that few CIOs and CISOs sleep soundly at night!
Many legacy applications were written when security was much less of a concern than it is today. Perhaps it’s a home-grown application whose programmer retired ages ago. Or maybe it’s a specialized viewer for proprietary filetypes or remote desktop access. In some cases, the products are obsolete or the vendors have long since gone out of business, yet the applications remain and are indispensable. How do you secure something like this? The answer is virtualization. Since you can’t change the old code, your only recourse is to contain its behavior.
Read the entire article here, Protect Legacy Applications from Cyber Attacks
via the fine folks at Bromium