Attacks on the endpoint are becoming more and more complex, and there is no silver bullet for protecting these sensitive targets. Only a combination of multiple security techniques and the latest threat information can help to protect the endpoint and personal data from known and unknown threats. State of the art endpoint security should provide:
- The most effective and efficient security techniques across generations, including sandboxing and machine learning
- Behavioral analysis and application white-listing to prevent ransomware attacks
- Remote erasure of personal data on mobile devices
- Safe usage of cloud services like Box, Dropbox, Google Drive, SharePoint Online, OneDrive for Business, etc.
- The latest threat information for use across the entire security infrastructure
Corporate users are primary targets: More than 90 percent of all targeted attacks start with an email. Users are tricked into opening dangerous file attachments or links by cleverly forged phishing messages. Infections can also occur if users open manipulated websites while browsing the internet. State of the art security can facilitate safe email and web usage for all employees through:
- Detection of phishing attempts and other attacks, including ransomware, via email
- Identification of threats in Microsoft Office documents and file attachments
- Blocking links to potentially dangerous websites
Data Loss Prevention & Application Control
Businesses can leverage Data Loss Prevention (DLP) rules to warn their employees of accidental misuse of data. Furthermore, they can control what kind of apps are used and which data can be transferred. State of the art security solutions offer features like integrated DLP, application control on Windows and mobile operating systems, and a central reporting solution, allowing businesses to define the way their users can process the data. In addition, encryption for devices, file folders, and emails can be used to ensure safe transfer of data.
Hybrid Cloud Security
Using legacy security products can introduce unforeseen vulnerabilities in virtual and cloud-based environments, negatively impact performance, and make it extremely challenging to demonstrate compliance with the requirements of the GDPR. With significant fines resulting from an incident – up to four percent of global turnover or 20 million Euros – the opportunity to take advantage of modern cloud architectures while also ensuring security and compliance is attractive and possible with state of the art approaches. State of the art hybrid cloud security requires the use of solutions that are optimized for virtual, cloud and container workloads.
Multiple capabilities with complete visibility across the hybrid cloud
State of the art security should be able to automatically and simultaneously protect virtual desktops and server workloads across physical, virtual, cloud and container environments from threats like zero-day malware and ransomware, as well as attacks using vulnerabilities like the Windows SMB vulnerability used with WannaCry. Workloads across the hybrid cloud should automatically be visible and secured as soon as they become active, while only enforcing the appropriate security policies to maximize performance and efficiency. This means deep integration with leaders like VMware, AWS, and Microsoft Azure is required as a fundamental element of state of the art security. State of the art hybrid cloud security should include:
- Centralized protection for physical, virtual, cloud, multi-cloud, container and hybrid environments
- Malware protection, including anti-malware, behavioral analysis, and web reputation
- Network security for each workload, leveraging intrusion detection and prevention (IPS) to stop attacks and shield vulnerabilities with virtual patching
- System security that can lock down systems with application control, monitor system integrity, and also log and report any security incidents
- Deep integration with leading environments from VMware, AWS, and Microsoft to streamline visibility, management, and security
The GDPR requires comprehensive protection of personal data using state of the art security technologies – but security is never absolute and incidents may still occur. Under the GDPR, businesses are now required to report all breaches of personal data protection to supervisory authorities within 72 hours. This means that you have to be acutely aware of all activities on your corporate network – a challenging task, especially because new generations of targeted attacks often manage to evade conventional detection methods.
Detection of Targeted Attacks
A state of the art security solution should deliver complete visibility into the network and, at the same time, automatically prevent targeted attacks. Alternatively, Computer Emergency Response Teams (CERT) and Security Operation Centers (SOC) should be provided with the information they need to cope with the incident. The identification of targeted and concealed attacks in real-time cannot be achieved through conventional methods. Specialized detection engines and advanced capabilities are required, for example heuristics, user-defined sandboxing, and the ability to leverage the latest threat information. A state of the art network defense strategy should include:
- Sophisticated detection engines for identification of targeted attacks in real-time
- Heuristics, correlation rules, and user-defined sandboxing
- The latest threat information, made available across the security infrastructure
- Detection and protection from spear phishing and targeted email attacks
- Logging of endpoint activities for quick analysis of attacks and subsequent reporting