By Thomas Schmidt
Security 2.0 has emerged in response to a dramatically changing threat landscape. Today's cyber criminals create malicious code for the purpose of obtaining information that can be used for financial gain -- i.e., identity theft or fraud.
Attackers are now fixated on obtaining confidential information, remaining undetected, then selling or otherwise exploiting that information for profit. Gone are the days of hobbyists or look-at-me code writers creating the majority of the problems in the connected world. Identity theft is the motivator.
At the same time, an increasingly mobile workforce, wireless communications, mobile systems, and open networks have redefined workplace boundaries. No longer do companies employ a single corporate platform and operating system. Today, most enterprises routinely mix PCs and Macs with Windows, Unix and Linux, while network boundaries have evolved to include laptops, PDAs, smartphones and more. This means the security focus has shifted from protecting network devices to protecting the people who use the system -- employees, customers, suppliers and partners.
Protecting users
In addition to a changing threat landscape, the increasing popularity of collaborative Web applications such as blogs, social networks, podcasts and wikis has brought a new set of challenges enterprises must contend with. Web 2.0 has brought a new wave of collaborative content, and some of that content can be dangerous to computers. In fact, Web 2.0-style applications that use programming languages such as Java, AJAX and JSON have created yet another avenue for malicious content to make its way into an enterprise's network.
In today's increasingly connected world, many businesses manage their entire supply chains online. And every customer with an Internet connection can conduct banking transactions from home. This means enterprises not only bear the responsibility to protect employees, customers and partners who connect to their networks, but also to ensure that those users remain confident their interactions are secure.
Security 2.0 brings new business models and delivery methods. Traditionally consumers have been responsible for protecting themselves, but now businesses have to take an active role in protecting customers from these new threats. In essence, enterprises must now accept responsibility for devices accessing their networks even when they're not owned or managed by them.
Securing endpoints
There is little question that endpoint security needs to be the cornerstone of the overall security strategy of any enterprise that wants to ensure the confidentiality, integrity and availability of its information. Specifically, particular attention must be paid to so-called unmanaged endpoints -- the endpoints that extend beyond the administrative control of an organization because other parties own them, such as employees, business partners and customers. This is necessary because even though unmanaged endpoints generally have restricted access to sensitive information, they nonetheless carry just as high a risk of being compromised by malware.
Moreover, a comprehensive endpoint security strategy will also include proactive measures to protect an enterprise's network in case any of the endpoints become infected with malicious code.
Endpoint protection can defend against current and emerging threats using proactive technologies that automatically analyze application behaviors and network communication to detect and block attacks. Specifically these include:
- Enhanced antivirus and anti-spyware technology provides real-time malware detection and features new deep-scanning technology designed to find and remove rootkits.
- Proactive threat protection offers protection against zero-day threats and features proactive threat scan, a technology that detects and blocks malware without signatures to prevent outbreaks at the onset.
- New network threat protection incorporates Generic Exploit Blocking (GEB) utilizing unique vulnerability-based IPS technology. Unlike traditional IPS technologies, GEB blocks all new exploits with a single signature, improving detection and remediation.
Conclusion
Given the changing threat landscape, the proliferation of Web 2.0-style applications, and continually shifting network perimeters, enterprises now bear the responsibility to protect the employees, customers, and partners who connect to their networks. The ultimate objective is to ensure that all users are confident their interactions with a company are secure. A comprehensive endpoint security solution must supplement reactive and other less effective countermeasures with multiple security technologies, resulting in broader and stronger endpoint protection.
Tom Schmidt writes frequently about information security topics. He has more than 15 years' experience as a writer and editor in high-tech publishing.