Is my antivirus/anti-malware program providing adequate protection from external threats?
For decades, information technology professionals advised their clients and/or employees to install and maintain antivirus/anti-malware software on all devices. Is that enough in an age of security threats that are increasing in frequency and complexity?
Consider the facts:
- Employees and hackers use all types of endpoint devices, including laptops, desktops, smartphones, tablets, and wearables, to access corporate data
- Businesses have multiple “surfaces” that are vulnerable to attack, including wired connections, wireless access points, cloud computing and point-of-sale systems
- On average, there are 327 new threats every minute of every day¹
- For every one thousand lines of code in commercially available software, there are 20 to 30 coding errors, which introduce potentially exploitable vulnerabilities²
So, back to the original question: is the antivirus/anti-malware program providing adequate protection against external threats? Actually, when these programs are the only line of defense, the answer is no, not really. The best defense is a layered approach to security, which includes:
- Cloud-based, zero-day antivirus/anti-malware programs
- Firewalls configured to isolate anything missed by antivirus programs
- Intrusion detection and intrusion prevention systems that monitor network traffic for behavior patterns consistent with malware and use heuristics to determine if the observed behavior is outside the bounds of “typical or baseline” network behavior. If intrusion prevention is implemented, it should actively prevent/block intrusions detected by the intrusion detection system
- Continuous user education to reinforce the importance of not opening suspicious or unfamiliar e-mail and to limit web surfing to trusted sites
- Strong access controls and authentication rules to determine who or what can see corporate data and resources
- Routine hardware and software maintenance with frequent updates and automated notifications to IT staff when thresholds are missed
Antivirus/anti-malware programs are still important, but they must now be combined with additional security measures. Companies must implement a robust network security plan to reduce the likelihood of a breach. Contact Reedy Creek Enterprise Solutions to see if your security system is robust enough to protect your corporate data.
¹ McAfee Labs Threats Report, November 2015
² Carnegie Mellon University, 2004