Choose the Right Preventive Security Technologies

Ensuring maximum asset availability requires multiple layers of security working in concert to protect against intrusions, enforce usage policies, and allow machines to remain resilient to attacks - even when patching is not an option.

IT managers can choose from a wide range of hardware and software solutions to prevent worms, viruses, and other attacks. Regardless of approach, however, the true value of any solution is best measured by how well it ensures asset availability and enhances business continuity.

A security solution must do more than merely detect and prevent attacks. It must actually prevent downtime of any sort for the machine. Machine unavailability can be caused by many events, including compromise due to a policy violation; taking machines offline (for example, when platforms are no longer supported by their vendors and no longer receive security hotfixes or support); and patching.

Most security breaches are a result of an "internal" compromise. This can include end users—rogue and naive alike—misconfiguring devices and programs and thus unknowingly propagating malicious code, or purposefully disclosing proprietary business information.

A recent study performed by CompTIA concluded that human error is the leading cause of security breaches, encompassing nearly half of all incidents. A combination of human error and technical malfunction is a close second. Compounding this trend is the reality that only half of the organizations surveyed have a written IT security policy in place. A solution that can enforce policies can limit attacks and associated downtime significantly.

Unfortunately, not all organizations can afford to upgrade their Windows servers to newer, more advanced versions. Some face government regulations restricting changes to production processes, including the operating systems used. Intensifying this challenge is the suspension of support—hotfix support, in particular—for discontinued platforms. These systems and applications become wide open to targeted cyber attacks, creating, in effect, an attack surface that cannot be protected. Organizations are left with two undesirable options: 1) leave the affected machines online and hope they are not compromised by attack, an outcome that is highly unlikely; or 2) take them offline during the planned migration, making critical business applications and services unavailable.

In theory, the frequency and ease with which vendors make patches available would seem to facilitate a more secure enterprise. In practice, however, organizations are faced with the daunting reality of testing, deploying, and verifying myriad patch installations. Under the best of circumstances, this process requires a combination of process and technology to minimize business disruption and associated costs.

Unfortunately, the rapidly shrinking window to install patches means patch deployments are rarely carried out under the best of circumstances. Frequently, security and IT teams are forced into panic-patching systems without proper testing and validation. This hurried approach results in tangible losses in end-user productivity, business disruptions, and related IT resource drain. An effective security solution should make machines resilient to attacks even when the necessary patch is not installed, so IT teams can patch according to their own timetables, saving costs and increasing business continuity.

Ensuring maximum asset availability requires multiple layers of security working in concert to protect against intrusions, enforce usage policies, and allow machines to remain resilient to attacks—even when patching is not an option. These layers should be combined into a single, integrated solution residing on the end-point assets in order to work as seamlessly as possible.
