News headlines are a daily reminder that data leakage and malware attacks are on the rise, and increasing at high speed. Many believe these malicious attacks are targeted at large corporations with big bucks, but businesses of all sizes and functions face these risks every day. Your basic anti-virus solution alone won’t stop these attacks; you need to take extra precautions when protecting your organization.

To help you mitigate the risks, InfoSight has put together a list of threats your anti-virus won’t stop.

Threat #1: The Zero-Day Threat
Your anti-virus solution doesn’t recognize zero-day threats because they don’t match previously seen threats or patches. Zero-day attacks exploit security deficiencies that haven’t been patched, and then spread to other computers on the network.
Defense: Add additional defenses on top of your signature-based anti-virus solution. Host intrusion prevention systems (HIPS) are a great tool to monitor and block suspicious activity.

Threat #2: Working outside of your firewall
Now that more and more employees are working outside of their organizations on personal laptops, smartphones, etc., the original network or gateway firewall is no longer enough to protect the organization’s servers and PCs.
Defense: Add a location-aware client firewall on laptops and other endpoint PCs that are used for work outside of the office. HIPS are also helpful to strengthen this defense and to detect suspicious behaviors on unsecured networks.

Threat #3: The Unpatched PC
All it takes is a single unpatched vulnerability in your operating system, browser or application and you’re in for some massive problems.
Defense: Develop an access controller or patch management system that verifies whether all systems connected to your network have all the current patches and anti-virus updates in place. Data loss prevention systems also allow for encryption of your data along with content scanning to protect your network.

Threat #4: The Uncontrolled Application
We all know that allowing unmanaged applications access to the web brings an unacceptable amount of risk and performance issues to your organization’s network.
Defense: Introduce application-control software that allows you to block users from installing unnecessary applications. Fewer applications reduce the number of vulnerabilities to manage and secure.

Threat #5: Web Insecurity
Cybercriminals (and their techniques) are growing almost as fast as the security solutions themselves. They use the Web as their single biggest distribution point for malware.
Defense: Use a combination of URL filtering tools and continually scan web pages for malware.

Threat #6: The Lost Laptop
It’s not difficult to replace a laptop, but recovering the data can be close to impossible.
Defense: Develop and implement a data encryption policy.

Threat #7: The Misdirected Email
One typo and your email goes to the wrong person, but who are they, and where’d your information go? Misdirected email could expose personal, confidential, and identifiable information about your organization or your customers.
Defense: Use a combination of URL filtering tools and continually scan Web pages for malware.

Threat #8: The Infected USB Device
USB devices are an easy means of attack when plugged into a company computer. The USB drive bypasses other layers of your network defense, such as your gateway firewall protection, making for an easy attack.
Defense: Implement a device control system that specifies which USB devices and users are permitted to plug into PCs.

How do you manage updates and patches across your organization? If you outsource patch management, are you concerned about the lag between updates?
