Through technologies such as security information management systems (SIMs), IT administrators can easily automate the process of looking through logs to help produce effective reports, issue alerts and perform forensics.
Consider the following scenario: an infected file attached to an email is sent to 100 recipients within an organisation. If the infection rate is 100%, the estimated time cost associated with an IT manager responding to the threat, followed by delegation to the team to stop, scan and clean 100 workstations on the local level, is the approximate equivalent of $22,000.
Along with cost reduction as an obvious driver for adopting tools that facilitate network wide visibility and management, the other major benefit is the speed of recovery. Mass remote management – such as the ability to conduct an audit of installed software applications on all systems, and terminate, or block, any malware programs simultaneously – can drastically reduce the downtime of the network and its users.
Ideally, servers and workstations across the business should be managed remotely by the same IT team, which can easily apply group-based policies that automatically detect and protect newly connected workstations, while gaining more visibility into the organisation’s security status across multiple locations.
The consequences of security breaches in an enterprise network branches out in several directions. Malware infections affect the company’s endorsers, stakeholders and the beneficiaries of its business operations, while recovery efforts impact on the productivity of the affected company’s employees.
Privacy issues, identity theft and espionage can lead to financial or legal liabilities, to say the least.
BitDefender has created a centralised management system around its client security solution which provides over 30 predefined endpoint auditing and management script templates, which enable automated, remote and centralised management of the enterprise network and of its safety. Meanwhile, hundreds of other publicly available Windows Management Instrumentation (WMI) scripts can also be implemented.
Once a specific security policy is defined, IT administrators can apply it by assigning the corresponding WMI script to run on specific client workstations, or groups of client workstations, on a regular basis.
You will often hear IT managers mentioning that visibility into their network’s status is crucial, because it allows them to find out what happens and where to rapidly attend to workstations. IT administrators can save time and effort with the capability to implement several categories of WMI scripts: hardware, system and software; Windows user accounts, disks and file systems; and administrative actions. These scripts allow them to easily identify what software is installed on client workstations, remotely remove any undesired application, or install required programs.
Another advantage of using update automation and management policies is that, across an organisation with 1,000 or more seats, they vastly reduce mobile stations’ update cycles from weeks to days. Updates can be scheduled to be applied during off-peak hours so that the impact on the network performance and resources is minimal. Moreover, centralised reporting capability allows on-demand status verification to ensure that all the workstations within the business network are up to date.
With the influx of portable devices such as iPads and smartphones being used at work, businesses need to mitigate the security risks associated with the use of removable media, and devices too. IT administrators need the tools to simply and consistently apply and manage security policies on autorun, or disable removable media access from a single location.