Business owners and IT managers would think that their anti-virus software would be enough for their day to day protection needs. They think that a separate endpoint security would be an additional cost and another thing to manage.
But what we read in the papers are constant reminders that malware attacks and data leakage incidents are really on the rise. High profile incidents that make big new might seem out of the ordinary, yet businesses of every size face similar risks in the everyday acts of using digital technology and the internet for legitimate purposes.
Then, it was the anti-virus technology and the necessary response to security’s most common, but the most riskiest aspects. Where you need more than anti-virus is a not just a technological decision….it is a business decision. The original anti-virus concepts where zero-day threats are not handled is getting to be one of the biggest headaches in the IT security world today. Before, signature-based detection was sufficient when threats were fewer, farther between and generally, less dangerous.
Now that organized (or even, non-organized) cyber-criminals relentlessly troll for vulnerabilities, the risk is always high for ANY organization that uses technology in ordinary and legitimate ways. Because exposure lies in such situations, organizations must update their protection beyond the traditional anti-virus. As experience show, letting your guard down has dangerous consequences.
But what are these ordinary situations that can bring you staggering consequences? Let me enumerate them:
A. Zero day threats
Zero-day threats are defined as threats which wreak havoc without having the anti-virus software identify it. No signature means no detection, no detection means no removal, and no removal means havoc. Examples of these are malware which consists of different identities everytime and those threats which seem to morph everytime.
What they can do to you? They can destroy your operating systems, steal information from your databases and servers and can put down your network.
B. Letting your employees work outside of the firewall
Before, employees just use to work within the protected and comfort levels of their internal corporate network where firewalls and gateways rule. But now, people work in airport lounges, internet cafes, hotels and their own homes.
What they can do to you? Working in unprotected networks is always risky. The Conficker virus is spread in vulnerable networks and that persistent outbreak experienced last year (and even up to now) created worldwide damage.
C. The unpatched PC
Patching means putting updates because of software lacks, mostly because of security. Some people choose to ignore updates on their PCs, and some systems administrators choose not to patch their servers because of the extensiveness of the activity.
What they can do to you? Simple…. the hackers simply exploit the security loopholes…. resulting in data loss… or they can simply use these loopholes as entry points for their more damaging exploit software.
D. The uncontrolled applications
Social networking sites as well as instant messengers are one of the security holes that must be covered. People with malicious intent (or sometimes, even those without malicious intent), intentionally or unintentionally leaks information via these channels.
E. Web Insecurity
Phishing websites are now used as data leakage channels. Why? it is because people simply trust the the valid websites, so that phishers imitate these websites.
A lost laptop is one of the biggest issues in data leakage. Imagine a laptop containing years and years of accounting information. Or imagine a laptop containing information on one of your most innovative products.. Once the laptop is lost, the information stored in there now has a new owner.
G. The misdirected e-mail
One small click, and that document that you may be protecting may fall into wrong hands. Such slim margins are unacceptable if that email contains very confidential data. In some organizations, employees use email to transfer information or to steal these data that they can sell or do identity theft.
Every time a user plug a USB device into a company computer, they bypass other layers of defense such as the gateway or the firewall protection. This makes devices with USB ports an easy means of attack. If no protection is available, it is an available swinging door for malware and data loss or theft channel. Also, do not forget that these USB devices are main channels of malware.
As normal incidents show, there is no longer anything unusual about malware attacks and data breaches. Most happen everyday, and the classic anti-virus software is designed to block some of the threats. The best defense at the endpoint is multiple layers of protection integrated into a single solution, including live anti-virus, behavior based detection, URL filtering, applications control, network access control, data encryption, data loss prevention and device control.
Security can’t be handled by a single solution anymore.