Story: Microsoft study finds Trojans are biggest threat

Posted by: usb-lock-rp (Wednesday 5 November 2008, 3:56 PM)

Endpoint security software designed against trojans.

It is true that antivirus software plays an important part in organizations' network security.
It is also true that in many cases it's not; for example, in industrial networks (clients not connected to the internet) virus signatures are not updated quickly enough, leaving the systems with a false sense of protection. (+ the resource consumption)
The truth is that if you are only blocking endpoint data extractions and not usage (read-execution), your network is vulnerable to being infected by the simple use of a CD or USB removable drive at any endpoint.
So, if you have antivirus software in place (signatures not up to date), or your network is unlucky enough to be a virus debutant (get it before it's known), and you have endpoint security that allows usage of CDs, for example, your real protection value against trojans is 0. (+ the resource consumption)
Hence the importance of endpoint security software in preventing virus or Trojan entrance without the luck factor.

Endpoint security software solutions should not provide one-way security (meaning block only extractions), pseudo read-only because execution is also allowed.
The truth is that to be able to allow usage of removable storage devices, the only method that makes sense is to authorize a specific storage device to operate at a specific client for a specific duration, and monitor file extractions. Or completely disallow usage when not required.
To provide options that diminish the protection value of the software regarding Trojan or virus entrance to minus 0 does not make sense. (And is misleading by nature.)
Regarding removable storage devices, effective network endpoint protection should only provide the following options to be straightforward:
a) Block (protected)
b) Authorize a specific device and monitor it (block all other devices of the kind except the approved device)
c) No action taken. (Unprotected)
One could argue that as long as one-way "protection" is provided as an option, it's fine. (You don't have to use it.)
Have you wondered how unnecessary options affect the protection value of your solution? The truth is that options always bring compromise at development.
If you need to protect your organization's assets, implement endpoint security that is straightforward to your real needs, and not resource-consuming, bloated, weakened-by-options solutions.

usb-lock-rp
Corporate-Level / Senior Management
Member since: November 2008
