What to do When Traditional Security Isn’t Enough

Tuesday, June 25, 2013

Paul Lipman


Attacks and malware are skyrocketing. Security threats have become increasingly complex, sophisticated and targeted, conducted over multiple threat vectors in combination, and no organization is immune. The AV-TEST Institute states that it now registers more than 200,000 new malicious programs every day, with almost 100 million malicious programs seen in 2012, a number that has been increasing every year. At the same time, the world is becoming increasingly interactive and collaborative, with real-time communication among employees, customers and partners, using whatever device comes to hand.

Relying on traditional security measures to catch the bad guy in action or prevent being the victim of a breach doesn’t cut it in today’s threat landscape, and IT teams don’t have the time and resources to address each threat vector in isolation, nor should they have to. Integration, automation and flexibility are today’s security commandments, maximizing resource and workforce efficiency and effectiveness without worrying the finance department. Consider the following when designing and/or implementing your new take on security measures at work.

Integrated multi-layered security approach

The three vectors for malware entry into an organization are email, web and endpoint. As traditional attack methods leveraging just one vector in isolation, such as emails with malicious attachments, have lost their effectiveness considerably, attackers have been forced to change tactics. Today, they are finding it more effective to use an exploit that blends email and web threat vectors. The goal is to proactively prevent threats and not play catch up to attackers.

Consider a variety of security controls that include email, web and endpoint security solutions to be used in combination as one unified system in order to be able to defend against blended threats. The unified system should provide one centralized management console for administering and managing the security solutions, with one set of security policies enforced across all components. This will ensure that security is comprehensively enforced across email, web and endpoint security controls so that there are no gaps in protection.

Don’t let compliance be your burden.

One further factor that organizations need to consider is the need to develop increasingly complex security policies to take into account the growing burden of corporate governance and regulatory requirements that demand that sensitive corporate data is accessed, processed and stored in a secure manner. Those policies need to be consistently applied and enforced across an ever wider range and number of computing devices and operating platforms to ensure the protection is uniformly applied.

Having a centralized security console that automates reporting and simplifies policies will save IT teams time and the headache of dealing with compliance reporting and audits. It ultimately frees up needed time and resources, which can be spent on being proactive about security measures as opposed to reactive when something bad happens.

Explore cloud-based options for flexibility.

One of the shortcomings of traditional security controls is that they were largely designed to protect on-premise users and applications. Organizations now wish to support the productivity gains and flexibility to work from anywhere that mobile technologies enable, yet few traditional security controls provided support for users accessing resources via mobile devices.

By placing security controls into the cloud, access is afforded for all users, wherever they are, whenever they want and from whatever device they wish to use to connect to the resources that they require. This makes it essential that the system chosen provides support for a wide range of devices and operating systems, going beyond the traditional focus on Windows operating systems. Additionally, although traditional reactive anti-malware controls still have their place in guarding against known threats, cloud-based services can provide a higher level of proactive defense by providing protection against new so-called zero-day threats and advanced threats that use blended attack mechanisms and vectors of attack.

Organizations should look for a service that operates a global threat intelligence facility covering both web and email security, collecting feeds regarding the latest threats and malicious websites from sources worldwide, including from their own customers and specialized sources. As new threats are encountered they can be blocked before they reach customers and, as countermeasures are developed, these can be sent out to all customers of the service automatically as soon as they are available.

About the Author: Paul Lipman is CEO of Total Defense

Lucy Trippett: Hi there, could your company please stop making unauthorised withdrawals from my credit card please. A number of people in Australia cannot get through to customer support to cease the transactions. Apparently when we bought your product we automatically signed up for a yearly subscription for forever I suspect, well I haven't used whatever product I bought from you for years so I respectfully ask that you stop taking my money. I am not at all impressed with the fine print scenario of your organisation, my bank seems to think your activities are bordering on fraudulent and apparently I may need to destroy my credit card to stop you. Thanks very much, Lucy Trippett, Australia
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.