User application hardening reduces the ‘attack surface’ threat actors can use to install malicious software onto computer systems (e.g., POS and Dispense). Modifying default settings, blocking, or removing common software used to download or run malware or other malicious code prevents it from running and disrupting your pharmacy IT services.
Application Hardening is best applied when first installing an application to ensure it works as intended and does not reduce the system’s security. Application hardening can be applied after the application has been used, though this may cause users to be impacted and require ongoing adjustment.
Many vendors publish hardening guides for their products. However, many guides are targeted to IT engineers or cybersecurity consultants skilled at configuring systems safely and securely. There are some well-known application hardening guides produced by the Centre for Internet Security (CIS). Most cloud service providers (CSPs) use these guidelines to harden their systems before providing them to their customers.
Corum recommends that pharmacies focus on hardening the most commonly used applications on the system, such as web browsers (Chrome, Edge, Mozilla), PDF readers, and the Microsoft Office suite of programs, as these applications are the most commonly targeted by threat actors.
Web browsers are particularly vulnerable to attack as they provide multiple functions and can run multiple types of code. They’re capable of running videos, software applications (e.g. Office Web), view PDFs and many other essential pharmacy functions. This year alone, Google Chrome has had four zero-day vulnerabilities that threat actors have actively targeted.
We have compiled a list of resources to help your pharmacy apply application hardening to your systems, please click on the links below for our recommended guides.
A guide on Microsoft Office hardening: https://www.cyber.gov.au/acsc/view-all-content/publications/hardening-microsoft-365-office-2021-office-2019-and-office-2016
A guide on Google Chrome hardening: https://support.google.com/chrome/a/answer/9710898?hl=en
A guide on Firefox (Mozilla) hardening: https://franklinetech.com/blog/the-ultimate-guide-to-firefox-hardening/
A guide on Microsoft Edge hardening (requires sign-up): https://www.cisecurity.org/benchmark/microsoft_internet_explorer
If you are worried about the security of your pharmacy systems and want to have Corum manage the Application Hardening automatically in your pharmacy and protect yourself from ransomware, speak to your Customer Success Manager or contact us on 1300 669 865.