What is Application Ring-fencing?

Introduction

You may not already know this, but applications on your workstation are capable of communicating with each other in the background. This is exactly what cybercriminals are aiming to exploit, weaponising this communication to their advantage. When an employee in your organisation falls prey to a phishing attack, by opening a malicious file with macros or scripted code. The application they are using to view/open the file can become weaponised, communicate malicious instructions to other applications like your web browser, PowerShell, or Command Prompt. The end goal to download and spread ransomware, malware etc. This is where Application Ring-fencing tools comes in.

What is Ring-fencing?

The Application Ring-fencing solution is a powerful tool giving you granular control over applications and allowing better protect of your workstations.You can set application policies across your organisation that prevent specific applications on your workstations from communicating or interacting with your files, data, other applications, or the internet. If an application on your workstation becomes compromised by ransomware, the policies set in place with Ring-fencing will stop the application from spreading the ransomware’s scripted instructions.

Ring-fencing goes hand-in-hand with the Application Allowlisting tool where Allowlisting acts as your first line of defence, and Ring-fencing as your second. If the ransomware somehow penetrates your Allowlisting policies, Ring-fencing steps in to mitigate the spread of malicious instructions on your workstation, ultimately stopping ransomware before it is too late.

Why is Ring-fencing Important?

Application Ring-fencing has the ability to mitigate and prevent application attacks, vulnerability exploits in software, and other ransomware attacks caused by human error due to social engineering and phishing attacks. The solution steps in to prevent legitimate software being used against your organisation that could be out of your control.  A strong example of Application Ring-fencing’s capabilities was demonstrated in 2021 when Kaseya and its customers fell victim to the REvil vulnerability exploit. Kaseya’s customers who also implemented an Application Ring-fencing tool as part of their security strategy were protected from the ransomware attack.

Conclusion

Application Ring-fencing is a unique security tool that strictly enforces a zero trust posture between applications. With the right policies put into place with Ring-fencing, it can run 24 hours a day, 365 days a year, keeping your organisation safe, and allowing you to sleep easy at night as your organisation stays protected. 

Personos can help you implement Application Ring-fencing aspart of the Endpoint Privilege and Application Control management solution, please contact us for more information.

Back