Lately we’ve noticed a rise in virus (including malware, trojan, and spyware) activity with many of our clients. Some of the discussions that have taken place since then have helped us realize that there needs to be much more education on this problem and the possible solutions. We’ll attempt to do that in this month’s newsletter.
Let’s start with the problem itself. Many people don’t realize the amount of attacks that are released by attackers every day. The following chart shows the dramatic increase in signature counts (the amount of threats) from 2002-2010.
Most estimates have this count increasing to over 14,000,000 today. One of the primary reasons for this dramatic increase is because of the new design of many of these threats. Despite being digital, computer viruses act very much like their biological counterparts; they actually have the ability to change and morph into something more effective when they encounter a defense mechanism. Many organizations that thought they were secure have been victimized by both vandalism and theft, as outlined in this CNN article.
Perpetrators are finding new and creative ways to get inside the door, including exploiting anything that touches your network, including printers and smartphones.
Nearly everyone has had some type of problem because of all of these vulnerabilities and exploits. Sometimes, it is only a minor inconvenience in which you spend a few hours cleaning up a workstation or a server and ridding it of an infection. Other times, it can be more devastating, with loss of data, productivity or having to purchase a new machine.
Wouldn’t we all like to just buy an anti-virus program to load and forget about it? It would be almost as easy as taking an aspirin for a headache. You might be surprised by what industry experts think the solution is.
Ian Trump of Mimic Media, a security’s expert who has worked for both the Canadian and US government said this recently at a Managed Security conference – “Unmanaged antivirus does not protect against Advanced Persistent Threats and is not an Enterprise Solution”.
In fact, of the top 35 threat mitigation strategies, antivirus software was number 21 on the list according to this study.
There is no way for anyone to guarantee a virus-free environment and To Solution isn’t going to be the first to do that. But we do feel we have an effective strategy to help our clients reduce their risk significantly.
The top two strategies in the chart from the above link (patching applications and patching operating system vulnerabilities) are included in our ProVision Managed Service offering. Items 3 and 4 from the same chart are always recommended as part of a Best Practice environment.
For years most people have used a desktop and/or server based antivirus package for protection. There is a significant flaw in this software model. There is no way a software package can check for 14,000,000 threats and still give a user acceptable level of performance. Users would be screaming about how slow their machine was operating. The companies have found ways to shortcut the threat identification procedure so that performance is only affected somewhat.
We believe the better model of protection is to layer products in different parts of your network. The first step is to put the protection at your door, instead of inside the house. You can do this by installing a firewall that has intrusion prevention protection, application inspection, and other security software. This stops threats at the gateway to your network instead of trying to clean the infection once they are inside.
Some of these products also offer mail filtering and Web content filtering. And yet another example of layering would be to use a cloud-based mail filtering service. These services filter your email and check it for spam and virus content before the mail ever reaches your network.
With gateway protection in place, you are now able to put a more lightweight antivirus product on your desktops. Many of the newer antivirus programs are written with today’s threats in mind and are more effective than some of the traditional programs. Keep in mind that this is NUMBER 21 on the list.
A simple picture of this set up would be:
Contact your To Solution representative for more information.
Tags: gateway av
