Why You Should Rethink Your Endpoint Security Strategies Part I
Should you say “sayonara” to signature-based malware protection?
For those reluctant to say goodbye to signature-based malware protection, read on for the first of a four-part series that delves into why small and medium-sized businesses should rethink their current solutions and explore cloud-based strategies for endpoint protection.
We are gathered here today, with not-quite heavy hearts, to say farewell to a constant companion. Our “friend” was part of our daily lives, popping up at the oddest times, seemingly just to say “hi,” or – as in any other high-maintenance relationship – demand we drop everything to give it some attention right now.
Imperfect, needy and often intrusive, we nonetheless tolerated its presence as a necessity in this cruel, crazy world full of bad guys – until something radical came along that made our “friend” a casualty in the unceasing conflict that can be called “The Malware Wars.”
The radical new element in the fray? The cloud. So, join us in saying, “Rest in peace, signature-based antivirus program,” and, “Hello, cloud-based endpoint security strategies.”
The changing world of web threats
Signature-based antivirus protection arguably peaked in the late 1990s and has been playing catch-up with the blackhats ever since. File injection and other basic virus types were mostly supplanted by Trojans, worms, backdoors and other stealthier nasties, which the big antivirus companies responded to slowly, as these threats did not fit their model of a virus.
Demonstrating how ineffective some solutions are to this day, the notorious 12-year-old Back Orifice 2000 Trojan is still infecting machines, and one out of three web malware encountered in 4Q 2011 were zero day threats, which are completely undetectable by signature-based schemes.
Hackers are also increasingly using social media scams and phishing, with even LinkedIn notifications becoming fair game for delivering exploits. It is clearly a more complicated world in the security space, and only getting worse.
New devices, greater risks
Apart from this ever-present development of increasingly sophisticated malware, endpoint security strategies must take into consideration the proliferation of mobile devices used to access workplace email accounts, enterprise Wi-Fi connections and even corporate VPN tunnels. From a security viewpoint, this is a nightmare, especially because mobile devices are fast becoming the number one target for hackers, with both the iPhone and Android devices being compromised in greater numbers.
As downloading antivirus software and updating signatures on every single employee-owned device by IT personnel can prove impossible even for SMBs, it demonstrates that the signature-based approach is broken, and any solution needs to be easy to implement on both current and future endpoints for it to be considered viable.
How does the cloud fit in?
Cloud-based endpoint solutions protect devices by installing a small agent on them while keeping all of the detection algorithms on the cloud provider’s hardware. They protect against viruses, rootkits, zero-day threats, packet and port sniffing, and other intrusions by auto-detecting suspicious behavior and delivering a preemptive strike against exploits rather than react to an already-infected situation.
Other benefits of cloud-based malware solutions include:
- Faster endpoint performance
- Lowered IT costs
- Protection against the latest malware without downloading massive virus signature files
In the second article in this series, we will cover how cloud enterprise security strategies work in-depth and explain how they provide a more robust and immediate solution than signature-based programs.
Endpoint security strategies in the cloud – turning the tide in the endless battle against enterprise security exploits.
By Willie Pena