Clear and present danger
Let’s face it: the security market is a pretty mature one. There would be few resellers coming across businesses that don’t already have some form of security protection layers in place. Typically, these security layers will take the form of a hardware fi rewall, or more general purpose hardware security appliance, combined with antimalware security software to protect the servers, workstations and/or mobile devices on the business network. Thus the fi rst opportunity for any reseller is to do a ‘situation analysis’ and identify just how well the client’s business is protected against targeted cyber intrusions. A lot of things may have changed since the current security framework for the business was put in place. Are all of the vulnerable devices on the business network adequately protected? Are the layers of protection in place appropriate for the business needs now and into the future? For example, the business might be running basic antivirus and anti-spyware security software. However, it may only be a point solution for individual workstations, rather than a solution that can properly protect a business network. Times may have changed and the business might now have an offi ce network with fi le and/or email servers. Has the business properly considered the impact of mobile devices? It’s a lot harder to protect the notebooks, smart phones and other mobile computing devices that are on the move — everywhere! There is an increase in the number of data breaches, with the majority occurring via mobile devices being stolen, lost or compromised. Suddenly the business network perimeter becomes virtually boundless. That’s why so many businesses are budgeting to spend more on antivirus, anti-malware and fi rewall software for their mobile devices. The business is also now likely to be selling, buying and interacting online with customers, suppliers and fi nancial institutions. They might now require the extra protection layers of a comprehensive internet security software solution that can deliver real-time protection against email and web-based threats for servers and workstations on the business network. All of these changes provide an alert reseller with revenue opportunities as the business is migrated to a more appropriate security solution.Mitigation strategiesBusinesses are being targeted by malicious cyber criminals seeking access to sensitive data or computing resources that they can use to make money. Helping your business clients properly protect themselves from these attacks is a services and/ or product upgrade/migration revenue opportunity for every reseller. At least 70% of the targeted cyber intrusions commonly seen in 2009 could have been prevented if businesses had implemented the following mitigation strategies:
- Anti-malware/internet security software with up-todate signatures, behavioural and heuristic detection capabilities and a two-way software fi rewall on all servers, work stations and mobile devices. Ensure the software has the protection layers in place to protect against web and email-based threats. Use the two-way software fi rewall to protect against malicious or otherwise unauthorised incoming traffi c and to white-list applications allowed to generate outgoing network traffi c. Use the behavioural detection protection layer to identify anomalous behaviour such as process injection, keystroke logging, driver loading, call hooking, etc.
- Patch the operating system and third party applications (e.g. Adobe Reader, Adobe Flash, ActiveX objects, browser plugins). Use a corporately manageable auto-update feature if available and monitor the update logs. Patch or mitigate serious vulnerabilities within two days.
- Minimise administrative privileges only to users who need them. Such users should use a separate, unprivileged account for email and web browsing.
- Educate business users about the current security threats and issues. Help them to understand what to look for and how to stay safe online, at work and at home.