Story image

Threats? Manage with tech and policy.

01 Nov 12

Whether a small business or an enterprise, when business information is on the line the organisation is at risk. IT managers can no longer afford to think their business is invisible to cybercriminals, especially as technology has reached a point where employees are potentially accessing sensitive company data on their mobile devices every day of the week. Taking the appropriate steps to protect these devices and the information they contain, while educating employees in safe internet use, is a necessity.

Regardless of the size of your business, or what platform you’re accessing company data on, a strategy is necessary to manage the security of information and people. Cybercriminals can change their tactics as quickly as technology trends change, so it’s important to be armed with the right tools to protect your data; but doing so relies on a combination of technology and policy.

Deploying a reliable and easy to manage security solution throughout your organisation on all endpoints including mobile devices is crucial. Today’s security solutions do more than just prevent viruses. They scan files regularly for unusual changes in file size, scan programs that match databases of known malware, scan suspicious email attachments and offer other warning signs.

To protect against security threats, businesses need a comprehensive endpoint security product that includes additional layers of protection including:

  • File and web-based reputation solutions that provide a risk-and-reputation rating of any application and website to prevent rapidly mutating and polymorphic malware;

  • Endpoint intrusion prevention that protects against unpatched vulnerabilities from being exploited, protects against social engineering attacks, and stops malware from making it onto endpoints;

  • Browser protection for protection against stealthy Web-based attacks;

  • Heuristic file-based malware prevention to provide more intelligent protection against unknown threats;

  • Real-time behavioral analysis capabilities that look at the behavior of applications as they execute for malware-like activity;

  • Application control settings that can prevent applications and browser plug-ins from downloading unauthorised malicious content;

  • Device control settings that prevent and limit the types of USB devices to be used.

In many cases, implementing a program of user education can prevent or expose an attack. For example, restricting the use of USB devices limits exposure to threats designed to propagate through removable media. Educating users not to open unsolicited email attachments and not to click on links in email or instant messages can also help prevent breaches.

One of the easiest things a business can also do is enforce strong password policies. Maintaining strong passwords will help
you protect the data if a device is lost or hacked. Strong passwords have eight characters or more and use a combination of letters, numbers and symbols (e.g., # $ % ! ?). Have employees change their passwords on a regular basis, at least every 90 days.

Businesses should also look to implement encryption technologies on all desktops, laptops and removable media. With encryption, confidential information is protected from unauthorised access, providing strong security for intellectual property, customer and partner data.

Protecting information is more than implementing an antivirus solution. Backup and recovery are critical components of complete information protection that keep desktops, servers and applications running smoothly in case of disruption – whether it’s a flood, an earthquake, a virus, system failure or human error.

The increase in both the sophistication and frequency of security attacks on enterprises has changed the threat landscape forever. Enterprises must now have the confidence that they are protected by a security solution that covers everything from desktops to laptops and mobile devices.

STT GDC to build hyperscale data centre in Singapore
ST Telemedia Global Data Centres (STT GDC) today unveiled ambitious plans for expansion with its largest data centre in Singapore to date.
Golden opportunities for enterprise e-waste reduction
E-waste is a hot topic in tech circles, and Park Place's EMEA MD believes there could be huge opportunities if data centres and enterprises improve their practices.
How Schneider Electric aims to simplify IT management
With IT Expert, Schneider Electric aims to ensure secure, vendor agnostic, wherever-you-go monitoring and visibility of all IoT-enabled physical infrastructure assets.
Pitfalls to avoid when configuring cloud firewalls
Flexibility and granularity of security controls is good but can still represent a risk for new cloud adopters that don’t recognise some of the configuration pitfalls.
Cisco dominates record-high Ethernet switch & router markets
While the market is flourishing, it’s tough-going as Cisco has increased its majority share of the pie.
Why total visibility is the key to zero trust
Over time, the basic zero trust model has evolved and matured into what Forrester calls the Zero Trust eXtended (ZTX) Ecosystem.
Gartner names Proofpoint Leader in enterprise information archiving
The report provides a detailed overview of the enterprise information archiving market and evaluates vendors based on completeness of vision and ability to execute.
QNAP introduces new 10GbE and Thunderbolt 3 NAS series
The new series is supposedly an all-in-one NAS solution for file storage, backup, sharing, synchronisation and centralised management.