SSG Solutions (P) Ltd.
5 Pillars of Protection for Endpoint
There are five security pillars of endpoint protection to consider. Each pillar may stand alone, but in concert, they become a powerful structure to secure any enterprise. While not exhaustive of all the protections that can be placed on the endpoint, these pillars represent the critical protection points that are used to stop advanced malware and advanced persistent threats (APTs).
1. Safeguarding Corporate Credentials
The first pillar of protection is safeguarding corporate credentials. Corporate credentials represent the keys to accessing the kingdom. The Verizon DBIR 2013 cited that 76 percent of network breaches investigated were a direct result of lost or stolen credentials. Credentials can be stolen by malware, phishing and third-party breaches. It is important to invest in a protection system to prevent keylogging malware. The system should also ensure that users do not submit user credentials to nonapproved websites.
2. Exploit Chain Disruption
Attackers want to take advantage of commonly used applications and their vulnerabilities to gain access to the enterprise. Zero-day attacks occur during the vulnerability window that exists between the time when a vulnerability is first exploited and when software developers write and publish a countermeasure to that threat. To stop zero-day attacks, the system should be able to operate without prior knowledge of the exploit, malware or vulnerability.
3. Legacy Threat Protection
The third pillar is legacy threat protection. There is no doubt that the evolving threat landscape can be both very dangerous and disruptive. While some legacy viruses may not compromise your organization, they can produce much noise, causing IT security professionals to scramble to investigate which are true threats versus false alarms. A system that investigates suspicious files and compares against blacklists and several antivirus engines can help reduce the noise to help keep IT focused on higher-priority challenges.
4. Lockdown for Java
The ubiquitous nature of Java requires a fourth pillar of defense. Legitimate Java applications can be written to compromise endpoint systems. These rogue applications take advantage of users' trust and bypass many other security controls. Vulnerable Java applications have high utilization in most enterprises, which presents IT security teams with a high-risk business application environment. Risky behaviors like writing to the file system or making registry edits should be blocked. More common Java actions like display or local calculations are allowed. By only blocking risky behavior, users will not suffer from lost productivity.
5. Malicious Communications
The fifth pillar of protection for endpoint is blocking malicious communications. Many, if not all, advanced threats open communication channels to command and control servers and locations to upload stolen data. Protection systems should understand more than just the destination or data content; they need to understand how these channels are opened. Malware often hides its activity to bypass traditional security controls. Blocking malicious outbound communication will prevent endpoint compromise even after an endpoint system is infected.
All five pillars protect separate vulnerability points along the attack chain that can be used to disrupt and preempt advanced and persistent attacks, providing protection for the endpoint. This defense-in-depth approach provides IT and security administrators with multiple opportunities to prevent and defend against malicious adversaries that only need to be successful once in order to damage the business.