Multi layered approach to security

Posted on Wednesday, November 5, 2014

What if antivirus software fails to detect the problem?

Earlier this year, Internet security firm Symantec confessed that its antivirus products detect malicious code less than half of the time. So does this mean that Norton and the other good guys are actually losing the battle against those who would wreak havoc on our systems?

Well, many were certainly surprised to read the report by Brian Dye, Senior Vice President of Information Security at Symantec, which stated that modern antivirus software only catches 45 per cent of attacks on our computer systems. But was this another Gerald Ratner moment destined to blow up in Symantec’s face, maybe even bringing the corporation to its knees?

In fact, it’s not quite that simple and most industry experts accepted a long time ago that the ‘single vendor approach’ to protecting your network was largely inadequate. In this new era where the threats to your business are as much about what leaves your network as what comes in, and where user behaviour needs to be constantly monitored, the first thing your business requires is a plan – and Mustard IT recommends a multi-layered strategy.

Adopting a ‘multi-layered approach’ to security planning

Here are some key components that should form the basis of any multi-layered security plan.

1. Back up. Establish an automated backup of your critical data and understand your recovery time objectives. Yes, you can install all the security products you want (hoping for the best) but you must also be ready for a virus to slip through (plan for the worst!). Remember, a staged backup will enable you to go back to various restore points depending on how long the bug has been present in your system.

2. Belt and braces. Mustard IT certainly always recommends a reputable AV product that can be centrally managed but we would also suggest installing a good anti-malware software such as HitmanPro as a second line of defence.

3. Monitoring software. We encourage companies to install appropriate network monitoring tools with whitelists and blacklists that can detect and control the programs users are installing on their PCs.

4. Remove local admin rights. This one will may not be popular with your users but most are installing something on their machines that they shouldn’t be, often increasing the risk from malware.

5. Web browser security. Rather than allowing users to connect unchecked to the internet via port 80 of your broadband router, introduce a content filtering solution by routing connections through a gateway product. Only authorised websites will be accessible, helping to reduce the threat from non-reputable or infected sites.

Put simply, a multi-layered approach to security planning should certainly include some, maybe all of the above and possibly other factors besides. If you need help assessing your own requirements, please call Mustard IT today on 020 3792 6994.