Category Archives: Business

Reduce Your Investment In Endpoint Security

Trojans, worms and spyware sound like elements straight from a summer blockbuster, but the kind of action/adventure they provide on your PCs, Macs, smartphones and tablets make them more like a horror movie.

By deploying effective endpoint security, you can help prevent attacks and keep your users safe from viruses and other malware, such as spear phishing and advanced persistent threats. Today’s  state-of-the-art endpoint security has come a long way from its early roots in “antivirus” and has morphed into a complex suite of sophisticated protections against modern threats.

 

But good protection isn’t free; so, how can you save money, while still protecting your computers? Here’s how to reduce your investment….

 

Keeping users safe

In an ideal world, users would be perfectly security conscious. These mythical users wouldn’t:

  • Click on suspicious links.
  • Open file attachments emailed by criminals pretending to be their friends.
  • Respond to phishing messages that appear to be from a bank.
  • Disable software updates because warnings and reboots are annoying.
  • Disable a security product because it slows down their PC.
  • Install free software from an untrustworthy developer, because their friend liked it on Facebook.

Sadly, our world is less than ideal. Much, much less: A recent report said that 86 percent of U.S. businesses surveyed had lost sensitive data during the previous year.

User awareness training helps, but it isn’t sufficient. That’s why your endpoints need securing. Doing so helps prevent your users from accidentally exposing sensitive business information, such as your  banking credentials, secret-sauce recipes or future product plans.

 

Save time and money on endpoint security

Your challenge is to protect your users while minimizing costs: How do you save time and money, while keeping your company safe?

Look for a modern endpoint security solution – not one thrown together from an old antivirus program and a fresh coat of paint.

 

How can you tell?

A start-of-the-art solution does the following:

  • Works intelligently in the background, without bogging down the user’s computer
  • Scans for malware in seconds, not hours
  • Uses a reliable, built-from-the-ground-up cloud security service to identify malware, not a huge signature file that’s quickly out-of-date
  • Works intelligently while offline, reconnecting with the cloud service to check changes made while disconnected
  • Fixes infected PCs, if necessary, by rolling back the computer’s state to a known-good point
  • Automatically monitors untrusted software executions to prevent infection
  • Allows you to enforce certain policy settings, such as use of USB ports, and prevents users from disabling security features
  • Doesn’t fight with competing installed products, to allow you to test it safely

Home office users can save money with cloud computing

Why move to the cloud? There are plenty of good reasons, but mainly it makes good business sense. You can call it efficiency, or call it doing more with less. But whichever spin you prefer, cloud computing lets you focus on what’s important: your business.

Cloud computing can be used for almost all types of applications, not just business security. While the idea of cloud computing can sometimes seem hard to grasp, it’s clear that it saves its users money – especially SMBs, including small office/home office (SOHO).

 

Plenty of oh-so-clever industry people will tell you what cloud computing is and isn’t. Here’s my simple view: It’s what we used to call software as a service (SaaS), but it’s set up so it’s easy to switch on, simple to expand and contract, and usually has a usage-based pricing model.

Read on to discover why moving to the cloud will save you money in five ways (six, if you’re picky)….

 

1. Fully utilized hardware

Cloud computing brings natural economies of scale. The practicalities of cloud computing mean high utilization and smoothing of the inevitable peaks and troughs in workloads. Your workloads will share server infrastructure with other organizations’ computing needs. This allows the cloud-computing provider to optimize the hardware needs of its data centers, which means lower costs for you.

 

2. Lower power costs

Cloud computing uses less electricity. That’s an inevitable result of the economies of scale I just discussed: Better hardware utilization means more efficient power use. When you run your own data center, your servers won’t be fully-utilized (unless yours is a very unusual organization). Idle servers waste energy. So a cloud service provider can charge you less for energy used than you’re spending in your own data center.

 

3. Lower people costs

Whenever I analyze organizations’ computing costs, the staffing budget is usually the biggest single line item; it often makes up more than half of the total. Why so high? Good IT people are expensive; their salaries, benefits, and other employment costs usually outweigh the costs of hardware and software. And that’s even before you add in the cost of recruiting good staff with the right experience.

When you move to the cloud, some of the money you pay for the service goes to the provider’s staffing costs. But it’s typically a much smaller amount than if you did all that work in-house. Yet again, we have to thank our old friend:economies of scale.

(In case you worry that moving to the cloud means firing good workers, don’t. Many organizations that move to cloud computing find they can redeploy their scarce, valuable IT people resources to areas that make more money for the business.)

How to Secure Mobile Workforce Devices

Bluetooth is best known as the wireless technology that powers hands-free earpieces. Depending on your point of view, people who wear them either:

a) Look ridiculous (especially if shining a bright blue LED from their ear);
b) Appear mad (when apparently talking to themselves); or
c) Are sensible, law-abiding, safety-conscious drivers.

 

Whichever letter you pick, insidious security issues remain around Bluetooth attacks and mobile devices. While most of the problems identified five to 10 years ago have been straightened out by now, some still remain. And there’s also good reason to be cautious about new, undiscovered problems.

 

Here are a few examples of the mobile security threats in which Bluetooth makes us vulnerable, along with tips to secure your mobile workforce devices.

 

General software vulnerabilities

Software in Bluetooth devices – especially those using the newer Bluetooth 4.0 specification – will not be perfect. It’s unheard of to find software that has zero security vulnerabilities.

As Finnish security researchers Tommi Mäkilä, Jukka Taimisto and Miia Vuontisjärvi demonstrated in 2011, it’s easy for attackers to discover new, previously unknown vulnerabilities in Bluetooth devices. Potential impacts could include charges for expensive premium-rate or international calls, theft of sensitive data or drive-by malware downloads.

To combat this threat: Switch off your Bluetooth when you’re not using it.

 

Eavesdropping

Bluetooth – named after the Viking king, Harald Bluetooth Gormsson, thanks to his abilities to make 10th-century European factions communicate – is all about wireless communication. Just like with Wi-Fi, Bluetooth encryption is supposed to stop criminals listening in to your data or phone calls.

In other words, eavesdropping shouldn’t be a problem. However, older Bluetooth devices use versions of the Bluetooth protocol that have more security holes than a tasty slice of Swiss. Even the latest specification (4.0) has a similar problem with its low-energy (LE) variant.

To combat this threat: Ban devices that use Bluetooth 1.x, 2.0 or 4.0-LE.

 

Denial of service

Malicious attackers can crash your devices, block them from receiving phone calls and drain your battery.

To combat this threat: Again, switch off your Bluetooth when you’re not using it.

 

Blutooth range is greater than you think

Bluetooth is designed to be a “personal area network.” That is to say, devices that are more than a few feet away should not be accessible via Bluetooth.

However, you’re not safe if you simply ensure there’s distance between you and a potential attacker; hackers have been known to use directional, high-gain antennae to successfully communicate over much greater distances. For example, security researcher Joshua Wright demonstrated the use of such an antenna to hack a Bluetooth device in a Starbucks from across the street.

Signature based malware protection

For those reluctant to say goodbye to signature-based malware protection, read on for the first of a four-part series that delves into why small and medium-sized businesses should rethink their current solutions and explore cloud-based strategies for endpoint protection.

 

We are gathered here today, with not-quite heavy hearts, to say farewell to a constant companion. Our “friend” was part of our daily lives, popping up at the oddest times, seemingly just to say “hi,” or – as in any other high-maintenance relationship – demand we drop everything to give it some attention right now.

Imperfect, needy and often intrusive, we nonetheless tolerated its presence as a necessity in this cruel, crazy world full of bad guys – until something radical came along that made our “friend” a casualty in the unceasing conflict that can be called “The Malware Wars.”

The radical new element in the fray? The cloud. So, join us in saying, “Rest in peace, signature-based antivirus program,” and, “Hello, cloud-based endpoint security strategies.”

 

The changing world of web threats

Signature-based antivirus protection arguably peaked in the late 1990s and has been playing catch-up with the blackhats ever since. File injection and other basic virus types were mostly supplanted by Trojans, worms, backdoors and other stealthier nasties, which the big antivirus companies responded to slowly, as these threats did not fit their model of a virus.

Demonstrating how ineffective some solutions are to this day, the notorious 12-year-old Back Orifice 2000 Trojan is still infecting machines, and one out of three web malware encountered in 4Q 2011 were zero day threats, which are completely undetectable by signature-based schemes.

Hackers are also increasingly using social media scams and phishing, with even LinkedIn notifications becoming fair game for delivering exploits. It is clearly a more complicated world in the security space, and only getting worse.

 

New devices, greater risks

Apart from this ever-present development of increasingly sophisticated malware, endpoint security strategies must take into consideration the proliferation of mobile devices used to access workplace email accounts, enterprise Wi-Fi connections and even corporate VPN tunnels. From a security viewpoint, this is a nightmare, especially because mobile devices are fast becoming the number one target for hackers, with both the iPhone and Android devices being compromised in greater numbers.

As downloading antivirus software and updating signatures on every single employee-owned device by IT personnel can prove impossible even for SMBs, it demonstrates that the signature-based approach is broken, and any solution needs to be easy to implement on both current and future endpoints for it to be considered viable.

Managing remote workers and mobile devices

Visions of kicking back and working from the beach with a piña colada in one hand and an iPad in the other are no longer just flights of fancy for many workers. Businesses are finding that it really is possible for employees to work remotely on their own devices without losing any productivity.

 

As a result, many companies are measuring the benefits of employees working remotely against the logistical issues inherent in developing a mobile device management plan.

There are many tangible benefits of BYOD (Bring Your Own Device), including:

  • Reduced equipment costs
  • Increased employee satisfaction and efficiency
  • Decreased IT staff burden (since employees maintain their own equipment)
  • Reduced office space square footage (as workers are mostly off-site)

The risk in BYOD is that these devices can potentially expose security vulnerabilities not directly supervised by IT staff or addressed by corporate antivirus solutions. This is where the need for mobile device management comes in.

 

A new landscape of threats

Tablets and smartphones are arguably less secure than desktop PCs and laptops because they lack pre-installed malware protection. Most computers include at least a trial version of an antivirus suite, but for the newest mobile gadgets, individual users and IT managers are on their own to search for and install mobile endpoint security management.

This vulnerability has not escaped the attention of hackers, who unleash creative new threats like SMS text messaged-based attacks on a daily basis. The old-school virus, while still annoying, does not hold a candle to the damage caused by these new approaches in cybercrime, which include more sophisticated Trojans, keyloggers, phishing attacks and malicious apps than ever before.