Top five strategies for combating modern computer security threats

Top five strategies for combating modern threats:

Is anti-virus dead?

Changing environment and threat

The corporate IT environment has changed irrevocably over the last few years.

Threats are no longer high-profile viruses that spread themselves obviously to millions of internet users for maximum publicity. Now they are highly targeted, silently infecting computers to steal data and make money for criminals. They are increasingly surreptitious and low profile, mutating in hours or even minutes to evade detection.

At the same time, today’s working environment is rapidly changing. The network perimeter has dissolved to such an extent that it is virtually unidentifiable. Yesterday’s “castle and moat” architecture – with its office-based desktops and servers protected by a gateway firewall – has crumbled. Remote working, the use of endpoint devices such as USB sticks, constant internet access and the rapid emergence of Web 2.0 technologies have redefined how employees interact with an organization’s systems. In addition, increasingly complex networks must accommodate not just employees, but also outside contractors, vendors and customers.

The need for all points protection

Cybercriminals exploit any vulnerability they can find to infect corporate networks. Their latest tricks use countless loopholes in web security to get malware onto a user’s computer in seconds. One new infected webpage is discovered every five seconds, and over 90 percent of these pages are on legitimate websites that have been compromised.

Users are duped into visiting these compromised websites, typically via links in spammed emails. The attack can be layered: the original website sends the visitor to another site, which in turn sends them to a third, and so on, ending with a Trojan being downloaded onto the user’s computer – all of this happening in a matter of seconds.

The task of securing the network against this and other exploits – at the web, email and endpoint levels – is a daunting challenge for today’s IT departments, which are being asked to do more and more with their constrained budgets.

Reducing the attack surface

Within this new threat environment, and as attitudes to work and information continue to evolve away from those of the past, organizations have become more aware of the acute need to control all points on the network to protect its data and systems from criminals. However, the speed with which new threats emerge and infect means that defenses are often inadequate and usually out of date.

Protection versus detection

While much can be achieved by user education and enforcement of acceptable use policies – for example, banning unencrypted laptops and USBs from being taken out of the office, or stipulating what can and cannot be sent by email – there is a need to take a different approach to technology in order to reduce the attack surface and protect the network, systems and data from malware.

In addition to the ability to detect, there are several criteria that need to be taken into account to ensure ongoing manageable protection. The key strategies are highlighted below.

STRATEGY 1

Maintain traditional anti-virus protection

Totally reliable malware detection remains at the core of any security solution, and updates created by security vendors from samples of particular viruses still form the basis of efficient detection.

Issues of manageability and automation are important – anti-virus will only protect the network if it is correctly configured, deployed and updated across the whole network, and new computers logging on to the network need to have anti-virus software installed immediately and automatically.

So while organizations need to take other approaches into account too and use other technologies, powerful traditional anti-virus protection remains crucial. It is relying solely on the traditional reactive approach that is no longer adequate.

STRATEGY 2

Proactively protect the network

Traditionally, protection against malware and spam was created by security vendors collecting samples of particular viruses and spam, and then developing specific protection. Today this method is simply too slow and inadequate – there are too many targeted threats and they mutate
