Page 31 - CDM-Cyber-Warnings-March-2014
By Dan Ross, CEO, Promisec

With Super Bowl season upon us, now is the perfect time to strategize your game plan for assuring endpoint security and compliance. This is especially important as endpoints are increasingly becoming points of attack and entry into organizations. In fact, according to the Ponemon Institute’s 2014 State of the Endpoint study, 71 percent of security professionals believe that endpoint security threats have become more difficult to stop or mitigate over the past two years.

There are a number of reasons drawing attackers’ attention to the endpoint. Most notably:

Security products can malfunction, agents can become out of date and users can disable or even shut off the agents altogether. Attackers have been known to disable the antivirus agents to gain entry.

Software patches and hotfixes are not applied in a timely manner. Users may postpone fixes or ignore updates altogether, leaving endpoints vulnerable to exploitation. With so many active threats, even the smallest gap in protection—like missing the latest Adobe patch—can lead to big problems.

Users access unauthorized software like peer-to-peer programs and web-based document sharing services, unaware that attackers exploit these as open doors into an organization. File sharing and music sharing applications, for example, make it easy to share files but leave the endpoints—and by extension an entire company—vulnerable to virus and attack by hackers.

Security professionals, like football coaches, should live by the same mantra in addressing these issues: The best defense is a good offense. With this in mind, consider implementing the following suggestions to be more proactive and enhance your endpoint security and compliance game plan.

Establish corporate policy and endpoint gold standard image.
To start, build a whitelist of approved applications including versions and patch levels and a blacklist of all unauthorized hardware and software that should not be running, including peer-to-peer and remote control programs.

Use automated tools to continuously monitor for change or deviation from policy on each endpoint. You’ll want to look to see if users are accessing peer-to-peer programs, if agents have become disabled for any reason, and what patches are out of date, along with any other policy gaps.

When discrepancies are found, apply an automated fix. This should address things like updating the agent and removing the unauthorized software, etc. Rapid remediation is key.
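The policy check described above can be sketched as a comparison of one endpoint's inventory against the gold standard. This is an added example, not code from the article or from any product it describes; the application names, versions, host name and inventory layout are constructed assumptions.

```python
# Added example: compare one endpoint's inventory against a gold-standard policy.
# All names, versions and the inventory layout below are constructed for illustration.

POLICY = {
    # whitelist: approved application -> minimum approved version (patch level)
    "approved": {"ExamplePDFReader": "11.0.6", "Corp AV Agent": "7.2.0", "ExampleOffice": "15.0.4"},
    # blacklist: software that must never be present (peer-to-peer, remote control)
    "blocked": {"ExampleP2P", "ExampleRemoteControl"},
    # security agents that must be installed and running
    "required_agents": {"Corp AV Agent"},
}

def parse_version(text):
    """Turn '11.0.6' into (11, 0, 6) so versions compare numerically, not as strings."""
    return tuple(int(part) for part in text.split("."))

def audit_endpoint(inventory, policy=POLICY):
    """Return a sorted list of (finding, item, detail) deviations from policy."""
    findings = []
    installed = inventory.get("software", {})
    running = set(inventory.get("running_services", []))
    for name, version in installed.items():
        if name in policy["blocked"]:
            findings.append(("blacklisted", name, version))
        elif name not in policy["approved"]:
            findings.append(("unapproved", name, version))
        elif parse_version(version) < parse_version(policy["approved"][name]):
            findings.append(("out_of_date", name,
                             f"{version} < {policy['approved'][name]}"))
    for agent in policy["required_agents"]:
        if agent not in installed:
            findings.append(("agent_missing", agent, "not installed"))
        elif agent not in running:
            findings.append(("agent_disabled", agent, "installed but not running"))
    return sorted(findings)

# Constructed sample inventory for a single endpoint.
SAMPLE = {
    "host": "ws-0042.example.internal",
    "software": {"ExamplePDFReader": "11.0.4", "Corp AV Agent": "7.2.0",
                 "ExampleP2P": "3.1", "ExampleOffice": "15.0.4", "NotepadTool": "1.0"},
    "running_services": ["Spooler"],
}

if __name__ == "__main__":
    for finding, item, detail in audit_endpoint(SAMPLE):
        print(f"{SAMPLE['host']}: {finding:15} {item} ({detail})")
```

Each finding type maps to one of the remediation actions the article names: remove blacklisted or unapproved software, apply the missing patch, or restart or reinstall the agent.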