Anti-Virus – Do we still need it or is it doomed?

With the advancements in technology the threat landscape is evolving too.

Malicious software is becoming harder to detect and remove – it is also starting to affect a wider range of devices because of the ‘Internet of Things’. There has been some cases that advance malicious software can even bypass the anti-virus software by changing its code!

In some ways there is truth behind what Brian Dye, senior vice president of Symantec famously said a few months ago ‘Antivirus is dead’ and it is ‘doomed to failure’ because Anti-Virus relies on a signature database to block out malicious behaviours so, if a particular piece of malicious code has never been seen before – you will probably be a victim to it.

However AV is not completely doomed as Eugene Kaspersky quite rightly said, it is still ‘very much alive and kicking’ because as threats evolved so has the traditional AV. It is about choosing a product that has a database that is continuously updated and have a good feature set.

Many vendors are now reinventing AV and changing it to ‘Endpoint Security’ which offers a wider range of features from your standard things like Anti-Virus, Anti-Spyware and Anti-Malware but, include features like application control, mobile device security, encryption and rule-based system behaviour blocking.

However security has become more complex and just because AV or ‘Endpoint Security’ has more features, we cannot just relying on it to be the sole system defences, it is not viable anymore. It will not provide an adequate level of protection for a modern day complex network.

Networks have developed into complex environments with multiple layers and a range of devices connected so, a layered approach to network security is key because it helps protect the different level within the infrastructure.

AV should just be seen as the first line of defence only, its aim is to protect users from things like spam emails, malicious attachments and websites. Occasionally some will get through but this approach is more secure and safer. Always keep in mind there is no 100% defence against the malicious cyber-attacks because the variables are always changing. Continuously network monitoring is also key to catching any abnormal behaviour.

For more information on network security please feel free to contact us on 0845 603 5552 or info@netshield.eu

Advertisements

Netshield Anti-Virus service – powered by BitDefender

Anti-Virus software is a necessary evil – it can take valuable time and energy to deploy, update and manage and they are not all the same! Netshield Anti-Virus is a comprehensive solution that acts as your first line of defence against malicious software.

Check out the video below for a quick summary…

Netshield to Discuss How Vulnerable Businesses are to Cyber Threats

Managed ICT Services Provider Netshield on the 24th April 2014, will be discussing the issue of Cyber Threats and different types of IT protection methods at a seminar held at the British Embassy in Brussels.

Working with UK Trade & Investment (UKTI) in Belgium Richard Carty, Commercial Director at Netshield will discuss why ICT Security needs to be a high priority, the common threats and ways in which organisations can protect their network and data.

The seminar will be aimed at organisations operating in sectors such as legal, financial, recruitment and the service industry and will take place on the 24th April 2014, at the prestigious British Embassy in Brussels from 9.30 – 13.00 (Central European Time).

‘ICT security is a growing concern with an increasing trend of professional services being a target for malicious behaviour, due to the high levels of business data they hold. The seminar will provide insight to the current threat landscape, security risks of current technological trends and protection methods’ commented Richard Carty.

The seminar will also include a live security breach demonstration from our guest speaker Rodrigo Marcos from SecForce and discussions on data security from a Legal perspective by Paul Van den Bulck, McGuireWoods.

‘We are delighted that the British Ambassador Jonathan Brenton, Paul Van de Bulck Partner at McGuireWoods and Rodrigo Marcos at SecForce will be able to join us to discuss the topic of ICT security and examine how exposed are businesses to the cyber threat in the changing workplace environment. With majority of businesses reliant on technology and data to be operational it emphasises why a secure ICT network is essential’ added Richard Carty.

For more information or to register click here

Take control with Endpoint Security

An IT network may have a Next Generation Firewall(s) in place to help keep out the malicious attacks but, it is advisable to have a layered approach to IT network security, like adding a layer of endpoint security.

Similar to Next Generation Firewalls, ‘Endpoint Security’ is an enhancement of traditional anti-virus as it is an all-in-one security suite where it will protect user devices (endpoints) on the network from viruses, worms, malware and offer security enforcement features and much, much more. Whereas anti-virus is designed simply too detect and destroy viruses and worms.

Why Endpoint? I hear you ask – Advances in technology has led to the changes in the corporate network demands i.e. increase usage of social media and employees working remotely, through the internet or different devices. So, it is becoming a critical element for corporations because it offers that extra layer of security by protecting the end-user devices and offer more control for the IT administrators to the IT network.

Some of the Advantages of Endpoint Security:-

  • Provides Security and Protection for devices
  • Central Management Control Console
  • Ability to Set and Enforce Security Policies
  • Web Content Control
  • Application Control
  • Email Protection and Encryption
  • Mobile Security
  • Anti-Virus and Malware
  • Etc.

But, you need to keep in mind ‘Endpoint Security suites’ features will vary depending on the brand. So, businesses need to decide which are the most important features and evaluate the different Endpoint offerings before deployment.

For advise on Endpoint Security Suites, contact us today.

Corporate BYOD: The Benefits and Risks

One in four devices used for work are now either smartphones or tablets, and on average, an individual carries or has access to at least three devices. It is not surprising that the ability to work anywhere and anytime has led to the growth of ‘Bring Your Own Device’ (BYOD) – part of the broader consumerization of IT trend – where employees are using personally-owned devices for business purposes.

IT security - Netshield

‘1 in 4 devices used for work are now mobile devices’

BYOD can provide a number of benefits to organizations of any size: enabling a mobile workforce, improving productivity, reducing costs, etc. It offers employees flexibility, providing them the ability to have a work-life balance that is personalized. Although the BYOD trend brings benefits, it also has corporate security implications.

IT departments often perceive personal devices as a corporate risk, because it is a foreign object to the IT infrastructure, with an unknown history, unknown level of security measures and no control over the level of access.

Corporations can take the stance of prohibiting personal devices, but it would not solve the issue, as employees are often undeterred by security policies and access corporate data anyway, which means it will be unmonitored and even more of a security threat to the IT network.

It has been predicted that by 2018, 70% of professionals will conduct their work on personal devices. Companies need to embrace the trend by taking a structured approach to BYOD with detailed policies in place. A non-structured approach can potentially weaken a company’s data security barrier, cause compliance issues and increase vulnerability to cyber crimes.

Corporations also need to assess the benefits and tailor the policies to the company culture and regulatory requirements. For example, IBM adopted a BYOD policy, but they banned the use of Dropbox, a cloud storage provider, and Siri, Apple’s personal assistant service, due to security concerns.

BYOD policies need to be carefully considered and implemented. Employees must be educated about the importance of data security and incident reporting; procedures must be in place if a device containing business data is lost or stolen, as it can have huge data security implications. Data security needs to be built into the corporate culture.

Protection from data breaches need to be considered when implementing BYOD, like having a mobile management system in place that would allow an IT administrator to carry out tasks such as enforcing corporate security policies or wiping the device if it was lost or stolen. Ensuring devices have authentication processes and encryption is also advisable.

BYOD and the mobile workforce trends are set to grow, despite the security concerns. If BYOD deployment is executed with a structured approach, with sufficient policies and security measures in place and employees are educated on the importance of data security, corporations will benefit from BYOD in the long term.

If you require more information on BYOD implementation and security please contact us. This article originally appeared in the April 2013 issue of AmCham Connect.