Malware & Your Business: Intrusion Prevention and Antivirus Protection
February 2, 2012
In the first part of our series (“Malware & Your Business: Viruses, Intrusions, and Phishing”) we looked at the online threats facing businesses today and what they really cost. Today let’s look at the brighter side of life: stopping malware in its tracks. With all the threats facing your business information technology (IT), it’s important to have a wide arsenal of tools available.
Sounds like the sort of thing a movie spy would talk about, right? But we’re not talking about guns or barbed wire. McAfee Labs defines intrusion prevention as:
A preemptive approach to host and network security used to identify and quickly respond to potential threats. An IPS [Intrusion prevention system] monitors individual host and network traffic. An attacker might carry out an attack immediately after gaining access, so an IPS can take immediate action as preset by the network administrator.
Intrusion prevention can take many forms. One of the most prevalent (and necessary) means of detecting and preventing intrusions is the firewall.
Nowadays, this protection is more than a virtual security fence. Changes have come to the office business environment; not only are the threats more sophisticated, but the number of devices connected to your network, and how information on those devices is accessed, has changed dramatically. Firewalls have adapted to these changes, and now offer “the incorporation of content-based security technologies ... identifying threats within the application content,” as a vice president for security and threat management provider Fortinet explained in SC Magazine.
At Cii Technology Solutions we enjoy a successful partnership with SonicWALL. This company offers firewall and intrusion prevention services as part of a unified network security strategy. We’re not the only ones who think so: the company has been nominated in six categories for the SC Magazine IT Security Awards, in which it won last year for Best Web Application Firewall, and just this month won silver in the Enterprise Hardware Category of the Tech Awards Circle (infoTECH News).
If you’d like more technical information on understanding the different intrusion detection and prevention systems out there, check out the “Guide to Intrusion Detection and Prevention Systems (IDPS),” published by the National Institute of Standards and Technology (NIST).
By now most people know that they need good antivirus software to keep their technology safe from malware. But the options are vast, and your business probably needs a different kind of protection than your home computer. So, what characteristics should you look for?
- Threats don’t care about company size, and so you should expect your antivirus software to face just as much junk trying to get in as your (perhaps larger) competitors. Make sure the product you choose has a team behind it focused on keeping track of the latest viruses out there, and that you have access to frequent patches and updates.
- Protect everything that accesses your network, rather than just the desktop computers. With greater adoption of mobile devices and cloud computing, businesses need antivirus that monitors for all the different types of malware.
- Knowing when things go wrong is just as important as guarantees that things are going well. There may be a time when no matter how many safeguards you have in place, a breach of your network happens. Choose a vendor with a good track record of alerting its customers when such an event occurs and helping them recover.
Last, but certainly not least, is the need to teach your employees the basics of IT security. Sure, you pay good money for quality IT protection and support. But even the best defended fortress is still vulnerable to threats from within. Targeted attacks and spear phishing campaigns mean that hackers may gain access to your network via your own users.
What can your business do?
- Make sure that anyone who accesses your business network is trained on sound, safe computing practices, especially regarding email and social media use.
- Develop and promote policies for potential security risks, like employee-owned devices that access company data or downloaded software on business computers.
- Let users know about the latest threats circulating in the wild, and provide them with tools to quickly alert security personnel when a problem arises.
Users shouldn’t be the weak link in your security plan. Instead, train them to be network defenders.