Why Closing the Threat Window of Vulnerability is Key for Endpoint Security

The typical approach to combat the growing proliferation of viruses, Trojans, spyware and other malware is for threat researchers to create signatures, and then to push those signatures down to the endpoint users.

This approach is flawed because it is reactive rather than proactive. More than 200,000 new sites are launched daily, and over 90 percent of them are associated with suspicious activity. Endpoint users, many times unwittingly, access those sites for what they may believe to be legitimate use, calling for solutions that lead to closing the vulnerability window.

Hackers are targeting many of the newer platforms favored by mobile users. According to the Juniper Networks Malicious Mobile Threats Report 2010/2011, there was a 400 percent increase in Android malware between June 2010 and January 2011. So a proactive security solution is essential. The enterprise needs to slam that window of vulnerability shut before the malware gets to the network, not after.

Once malware hits, it quickly damages systems, compromising sensitive company and consumer data in just moments. According to a report from Infonetics Research, large organizations lose an average of 2.2 percent of their annual revenue because of security attacks. Even if there is good perimeter defense, it’s quickly compromised if an unsecured endpoint accesses the network.

Devising a defense and pushing it to endpoints after a security threat enters the network via a device is, as a popular Baby Boomer saying goes, "closing the barn door after the horse got out." Although a more appropriate saying, particularly with Trojans, would be "closing the barn door after the horse got in."

By the time a patch or signature can be pushed to the network, the damage is already done and growing quickly the longer it takes IT to detect and patch the hole. So it is essential that the enterprise use a system that detects and intercepts malware before it ever gets to the network.

The better security choice
Closing the vulnerability window happens via the cloud. A superior solution, security in the cloud stops threats where they originate. Such a solution enables the enterprise to:

  • Route all network requests such as email and server access to block security threats before they can do any damage.
  • Provide central endpoint device management and endpoint device security rather than going to each device to install security applications
  • Present authorization capabilities, enabling workers to have access to different areas of the network, depending on their needs. In today’s business environment, customers, business partners, employees and managers all have legitimate reasons to access the corporate network, but they should only be able to access those areas that pertain to them. For example, customers may want to access product information, while upper management might need to have access to corporate financial projections.
  • Delete corporate information from endpoint devices in the event that they are lost or stolen - which studies say happens with 5 percent of all devices
  • Provide centralized access to applications so as to ensure that they have the latest security protections.

The security solution should provide:

  • Protection from rootkits, worms and other spyware that can hide themselves from the Windows OS Kernel driver level protection to stop the most persistent threats.
  • Centralized management from any location using a web-enabled administration console
  • Customizable reports, summaries and alerting capabilities on detected threats

Closing the threat window by adopting a cloud security solution is the only sensible approach as malware attacks are on the rise. This type of proactive security solution keeps the window of vulnerability shut, protecting the enterprise from the costs and downtime of attempting to purge malware from the network after it has entered through an unsecured PC, laptop, mobile phone, tablet, USB drive or other connection.

By Phil Brit