How to Mitigate the Security Risk of Orphaned Applications

By Ryan C. Barnett  |  Posted 2010-09-21

The current economic climate is forcing many organizations to cut back and consolidate, leaving many applications abandoned. Unfortunately, these orphaned applications can open cracks in security and disrupt business, because nobody has been assigned to manage them. Here, Knowledge Center contributor Ryan C. Barnett discusses the impact of orphaned application syndrome and offers simple steps companies can take to mitigate their risk.

As today's tumultuous economic climate forces organizations in both the private and public sectors to scale back or downsize, many programs, initiatives and even technologies have been abandoned. The same environment has been rife with merger and acquisition activity as companies and whole industries scramble to stay afloat, and the result is programs and projects that remain abandoned in their new homes.

In fact, a recent survey of 180 IT security professionals found that over 45 percent of respondents experienced a reduction in force that impacted their security organization's ability to adequately protect the enterprise.

While these effects are often chalked up to the pains of staying in business during challenging financial times, the problem of orphaned applications can have far greater consequences for organizations if it goes unchecked. In this article, I will explain the challenges of orphaned applications and how organizations can protect them, and the sensitive information they can expose, against savvy Web attackers.

Orphaned application syndrome

Orphaned applications are those that have fallen through the cracks of asset management. In general, the application is still on the network and externally accessible, but no person or group has been tasked with its administration and management.

Because no one is assigned to these systems, no one is monitoring the application logs or applying current security fixes and patches. The applications are left exposed as ripe targets for attackers, who use methods such as SQL injection, cross-site scripting (XSS), session hijacking and scraping to extract confidential information.
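The definition above is operational: a host is an orphan when it is reachable from outside but nobody accountable exists for it. As an added illustration (not the author's tooling and not code from the original article), the following Python reconciles a constructed list of externally reachable hosts against a constructed asset registry and account directory, flagging hosts with no registry entry, no assigned owner, or an owner whose account is no longer active, and separately flagging registered hosts whose patching has lapsed. All hostnames, owners, dates and the 90-day patch threshold are assumptions made for the example.

```python
from datetime import date

# Constructed sample data for illustration only; not real hosts or scan output.
SCAN_DATE = date(2010, 9, 21)

# Externally reachable web endpoints, as an external scan of the
# organisation's address ranges would report them. The scan, not the
# registry, is the starting point: an unregistered host is only found this way.
EXPOSED = [
    "shop.example.com",
    "wiki.example.com",
    "legacy-portal.example.com",
    "intranet-mirror.example.com",
    "old-survey.example.com",
]

# Asset registry (e.g. a CMDB export): assigned owner and last patch date.
# old-survey.example.com is deliberately absent: it was never registered.
REGISTRY = {
    "shop.example.com": {"owner": "jdoe", "last_patched": "2010-08-15"},
    "wiki.example.com": {"owner": "akim", "last_patched": "2009-12-01"},
    "legacy-portal.example.com": {"owner": "msmith", "last_patched": "2010-09-01"},
    "intranet-mirror.example.com": {"owner": "", "last_patched": "2010-09-10"},
}

# Accounts still active in the directory; msmith left in a reduction in force,
# so the portal registered under that name no longer has an accountable owner.
ACTIVE_ACCOUNTS = {"jdoe", "akim"}

# Assumed policy: a registered host not patched within this window is reported.
MAX_PATCH_AGE_DAYS = 90


def classify(host, registry=REGISTRY, active=ACTIVE_ACCOUNTS, today=SCAN_DATE):
    """Return (status, detail) for one externally reachable host.

    status is "orphan" when nobody accountable exists (not registered, no owner,
    or owner no longer active), "stale" when patching has lapsed, else "ok".
    """
    entry = registry.get(host)
    if entry is None:
        return "orphan", "not in asset registry"
    owner = entry.get("owner") or ""
    if not owner:
        return "orphan", "no owner assigned"
    if owner not in active:
        return "orphan", f"owner {owner} no longer active"
    age = (today - date.fromisoformat(entry["last_patched"])).days
    if age > MAX_PATCH_AGE_DAYS:
        return "stale", f"last patched {age} days ago"
    return "ok", f"owner {owner}, patched {age} days ago"


def find_orphans(exposed=EXPOSED, registry=REGISTRY, active=ACTIVE_ACCOUNTS, today=SCAN_DATE):
    """Map every exposed host to its (status, detail) classification."""
    return {host: classify(host, registry, active, today) for host in exposed}


if __name__ == "__main__":
    # Report orphans first; they have nobody to receive a patch or log alert.
    report = find_orphans()
    for host, (status, detail) in sorted(report.items(), key=lambda kv: kv[1][0] != "orphan"):
        print(f"{status:<6} {host:<30} {detail}")
```

Two design points carry the weight here. First, the reconciliation starts from what is reachable on the network rather than from the registry, because an application that was never registered cannot be discovered by querying the registry. Second, an owner field is only meaningful when checked against the current directory: after a reduction in force or an acquisition, a host can look fully owned on paper while its nominal owner has left, which is exactly the case the article describes.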

The cost of data leakage from abandoned applications can be steep. A recent study found that the financial impact of identity theft breaches is on the rise, with an average cost of $6.75 million per incident. Up to 80 percent of successful attacks against organizations exploit vulnerabilities in Web applications, and MasterCard has identified SQL injection as the top reason for card data compromise.
Ryan C. Barnett is a Senior Security Researcher on Trustwave's SpiderLabs Team. Ryan is a SANS Institute faculty member and the OWASP ModSecurity Core Rule Set (CRS) Project Leader. Ryan is also a member of the Web Application Security Consortium (WASC) where he leads the Distributed Open Proxy Honeypot Project. He can be reached at rbarnett@trustwave.com.