6. TradiTional securiTy no longer Works
So now that the climate has changed and we operate within a borderless enterprise, it is imperative for company and technology leadership to realize that the security model they’ve depended on for so many years is broken.
Executives must have their technical staff focus on the squishy center that exists inside that perimeter exoskeleton they’ve built up over the years. Otherwise, crafty bad guys are going to attack from the inside out.
Simply installing antivirus and firewall perimeters no longer helps businesses effectively defend themselves. There are too many ways around the network perimeter. Those well-funded criminals I already talked about are using clandestine code that cannot be detected by mass-marketed antivirus software, that only offers protection from known attacks.
That’s not to say that these older technologies no longer have a place in the enterprise. They still do a reasonable job protecting enterprises from old attacks and act as a good, existing first layer of defense.
“The real key is figuring out how to make the perimeter security less expensive and then be able to deal with where the threats are starting to bypass the traditional forms of security,” says Pescatore, “because there are new forms of attacks and there are always these waves of old attacks that come back.”
Think about it, with all of your employees demanding connectivity online and online portals directing customers and partners to data from the outside, there are loads of little back doors leading directly into networked data stores. And if
Why attack the network directly when I could simply get an employee to visit an infected website that will load a Trojan onto their system and will grant me access into their system and into wherever it is connected?
We recently had a customer say to us, “I can’t tell you how many of my peers find it easy to fund and implement perimeter security, but find it harder to do so for the needed internal security.”
I’m a bad guy, why would I try to go through the fortified front door when I can just waltz through the back door and ride the wave of connectivity directly to your most valuable data? Why attack the network directly when I could simply get an employee to visit an infected website that will load a Trojan onto their system and will grant me access into their system and into wherever it is connected?
HOw TO mAKE wHITElISTING OpErATIONAlly EffICIENT & mANAGEAblE
Lumension Security’s Senior Vice President of Americas, Matt Mosher sits down to discuss the advancements in Endpoint Security with Operational Whitelisting.