The Record - Issue 20: Spring 2021

71 In early 2020, US-based software firm SolarWinds was the victim of a cyberattack that spread to its clients. For clients that used Ringfencing for the SolarWinds applications, the attack was limited to the assets it was able to access inside their networks. “If you limit what an application can do, when it’s compromised, the amount of potential dam- age is limited to what it needs to access,” says Jenkins. “So, for example, if accounting software QuickBooks is compromised and it only has access to the QuickBooks Database, then that is the only thing it can damage. Limit what an application can do at multiple levels and you can really harden your attack. “Don’t trust anything past what it needs to do, and then when you get breached, your breach is going to be so insignificant it doesn’t matter. If you adopt an open-wide approach, breaches create business-ending consequences. The most likely way to go out of business in 2021 is a cyber breach.” ThreatLocker is helping its customers to implement these security protocols. “We exist to bring these zero-trust con- trols, which were previously only available for very large enterprises, to the endpoint,” says Jenkins. “A small business or a managed service provider has many clients all running different software, with updates on their own schedules. Zero trust gets very complicated at this point because you now have to worry about all those updates. “We have taken this concept of zero trust and created predefined parameters of what is required to run programmes such as Windows or Microsoft Office so that the customer doesn’t need to worry if various updates will get blocked.” ThreatLocker Ringfencing secures applica- tions so that they cannot interact with other parts of a system in a negative way. “We compartmentalise those attacks, so if there’s a vulnerability in a piece of software, if there’s a zero-day vulnerability, the likelihood of an effective attack is reduced massively, if not completely. We’re giving customers new levels of visibility and control.”

RkJQdWJsaXNoZXIy NzQ1NTk=