The world is an imperfect place, and software is certainly no exception. The operating systems and complex applications that businesses rely on are composed of millions of lines of code, and it is inevitable that flaws will exist and that attackers will exploit them. It is a simple fact of IT life.
Most software developers do their best to follow secure coding practices, and diligently work to identify and resolve flaws, while hackers and malware developers focus on finding vulnerabilities to exploit. Businesses and end users are caught in the middle, just trying to minimize risk and avoid malware exploits.
Wearing a Bull's-Eye on Your Back
Zero-day vulnerabilities are not as big a threat as sensational headlines make them seem, but a well-executed zero-day exploit can have devastating impact. The reality is that most attacks target known vulnerabilities, but you must protect your endpoint PCs against both known and unknown threats.
Microsoft recently revealed that "none of the top malware families in the first half of 2011 were known to be distributed through the use of zero days, and while some smaller families did take advantage of zero-day vulnerabilities, less than one percent of all exploit attempts were against zero-day issues."
There is a rich history of highly successful exploits and malware attacks targeting known vulnerabilities. The SQL Slammer worm that crippled much of the Internet in less than an hour in 2003 targeted a buffer overflow flaw in SQL Server that Microsoft had identified and developed a patch for more than six months earlier. The compromised systems simply weren't patched in time.
The flip side of that coin, though, is that it's always possible a malicious attack could discover and exploit an unknown vulnerability. Precision attacks directed at specific targets with a focused goal do particularly well with zero-day exploits.
Businesses need effective security in place to protect endpoint systems during the gap between when a patch is published and when it is actually deployed to endpoint PCs. You need to make sure that your PCs are adequately protected against known vulnerabilities, and that they also have technologies in place to recognize and thwart emerging threats.
Just Keeping Up
Staying informed of flaws and vulnerabilities and securing endpoints to guard against attacks is a full-time job. Microsoft published 99 security bulletins in 2011, addressing hundreds of individual software vulnerabilities, any of which malware or some other attack might exploit.
That figure is just for Microsoft, and it doesn't include other less urgent updates for Microsoft operating systems and applications that don't have a security impact. And while many organizations rely heavily on Microsoft software, ubiquitous tools such as Adobe Reader, Adobe Flash, and Java, as well as a wide range of third-party applications and technologies, also have holes and weaknesses that could be exploited.
Embracing Diversity
As if that weren't complicated enough, many organizations must also deal with an increasingly diverse array of operating systems and technologies. As employees continue to bring their own devices to work (the BYOD trend) and as IT evolves and becomes more consumerized, the world is getting less Microsoft-centric over time.
While there are pros and cons to Windows, Mac OS X, and Linux, and there are benefits to deploying a heterogeneous platform, doing so inevitably introduces more complexity. The more diverse and less uniform the IT infrastructure becomes, the more difficult it is to keep all of it protected and up to date.
State-of-the-Art Defense
Smaller businesses are often at a disadvantage relative to larger enterprises. They face the same threats and security issues, but lack the financial resources and dedicated IT staff to monitor and defend the network 24/7. What these businesses need is a simple solution that can protect endpoint PCs with minimal cost and administrative overhead.
Symantec Endpoint Protection provides a comprehensive suite of security tools that can be managed and deployed from one console. Symantec Endpoint Protection includes antivirus, antispyware, personal firewall, and host intrusion prevention to guard PCs against a complete range of malware and malicious attacks.
Symantec is a recognized leader in information security, and the state-of-the-art security in Symantec Endpoint Protection includes:
- Symantec Insight—a system that proactively tracks the age, prevalence, and security rating of nearly every file on the Internet. By actively monitoring all files traversing the Internet, Symantec can simplify analysis and quickly recognize new or changed threats.
- SONAR 3—The next-generation replacement for Symantec's TruScan technology, SONAR 3 examines programs as they are running to identify suspicious or malicious behavior and stop threats in their tracks.
- Browser Intrusion Prevention—Symantec recognizes that the Web browser has become the target of choice for malware attacks, and it has developed protection to specifically recognize and block browser-based attacks.
- Antivirus for Mac OS X and Linux—While the scope and impact of malware threats for platforms other than Windows is minimal, attacks are still possible. As Mac OS X and Linux systems gain a bigger footprint in the PC arena, they also become bigger targets and need to have protection in place.
Effective PC Protection
Symantec Endpoint Protection provides a framework to protect your PCs from virtually all attacks, whether from known or emerging threats.
As important as the protection itself is, it is also critical that the security solution itself be simple to manage and maintain. Symantec Endpoint Protection delivers on the administrative side as well.
Symantec Endpoint Protection has a central console so you can manage your security from a single PC. It comes with wizards and flexible deployment options that streamline installations and upgrades on the endpoint PCs, and the Smart Scheduler technology lets you configure Symantec Endpoint Security to perform noncritical security tasks at times when the computer is idle to avoid impacting productivity.
There is no such thing as a set-it-and-forget-it, silver-bullet approach to PC security. You always have to monitor and maintain your security to make sure your PCs are protected. But Symantec Endpoint Protection enables you to do that with minimal effort and gets you back to focusing on your real business.
0 comments:
Post a Comment