 |
Threat protection: the
human component
15 February, 2006
By Alan Thwaits
When it comes to protecting users from viruses, spam, and
other malware, there's only so much technology can do. The
real problem, it seems, is people.
"You can only put so much faith in technology,"
according to Jamz Yaneza, senior threat analyst at antivirus
and content security firm Trend Micro Inc. "For whatever
reason, the knowledge worker doesn't necessarily understand
the vastly different perils possible being online versus pen
and paper. Applying the same real-world trust level on the
Internet has ultimately been the reason so many users still
routinely click on attachments apparently coming from their
office friends and kin."
Trend Micro has found that, while large global threat outbreaks
have declined over the past five years, malicious software
attacks continue to pose a significant threat. The results
include lost time, lost resources, and lost opportunities.
To make things worse, malware is growing more sophisticated,
with attacks presenting even greater dangers than in the past.
In a white paper report published in May, 2005, research
firm IDC stated that "The motives and intentions of virus
writers have changed drastically over the past few years.
In the past, amateurs seeking notoriety typically created
worms and viruses to destroy data. Today, more sophisticated
attackers, often professionals and organized crime, are increasingly
using worms, spam, spyware, and viruses to obtain credit card
numbers, bank account information, and other confidential
information to perpetrate identity theft or competitive disruption.
The sophistication and scale of online frauds and identity
thefts are increasing at a rapid pace."
What's needed to protect corporate and individual systems
from the threat of malware?
According to Yaneza, the answer includes vigilance, education,
and innovation.
"External and internal threat issues require organizations
and individuals to stay on top of security issues," he
explained, "such as having security policies in place,
having policies for screening e-mails, etc. There's no answer
from a simply technological point of view."
That said, security vendors like Trend Micro are working
closely with the reseller channel to help their customers
meet the complex challenges posed by malware.
"Trend Micro has had years of experience in the gateway
market and has been actively implementing enterprise-class
functionality down into its consumer/retail products,"
said Yaneza. "We were the first to send out pattern files
using the Internet instead of sending out a monthly pattern
update CD, which used to be the norm years ago. Realizing
the changing environment, Trend Micro was the first to introduce
network layer protection via our Network VirusWall appliance,
which works hand-in-hand with our partners like Cisco. With
a suite installation you can easily manage threats to your
enterprise from the gateway, handheld PDAs and phones, desktops,
servers, packet filtering, vulnerability assessment, network
access control -- the works, even from a remote location via
any browser."
While anti-virus updates, patches, the rise of managed services,
and the advent of a Frankenstein-like mix of security protocols
and policies present everyone who uses technology to do business
with immense challenges, there is, indeed, a light at the
end of the tunnel. It's called shared responsibility.
"Vendors need to go directly to end-users to educate
them about safe surfing," said Yaneza. "Threat protection
is a never-ending struggle everyone has to have some involvement
in securing the business."
|
|
