Welcome to the Proxy Update, your source of news and information on Proxies and their role in network security.

Wednesday, May 30, 2012

Almost 20 percent of US PCs have no A/V protection

A new study from McAfee is claiming that 17 percent of PCs around the world have no antivirus protection and in the U.S. that number is even higher at 19 percent.  The study counted as unprotected machines those that had no antivirus protection installed, or whose antivirus subscription had expired. In the U.S., 12 percent of PCs did not contain any antivirus program, and 7 percent had software that was expired.  


With BYOD (Bring Your Own Device), organizations that allow their employees to connect their own devices to the corporate network should make sure all users on the network (regardless of whether the device is personal or corporate owned) are protected by a secure web gateway / proxy. Because there is a high likelihood the device itself is not protected, there needs to be some line of defense, and that is the secure web gateway. In addition, many proxies can also prevent infected devices from uploading personal or corporate-owned information to hacker-owned servers on the network that are trying to collect personal and corporate data.

Monday, May 21, 2012

Why is SEP the number one vector for malware?

SEP (Search Engine Poisoning) is the number one vector for malware according to Blue Coat's 2012 Web Security Report.  More people attempted to access malware through SEP than any other method in 2011.  Blue Coat also writes a lot about SEP in their security blog.  Some of the reasons SEP remains a popular choice among hackers include the breadth of reach (everyone uses search engines), how easy it is to infect search engine results, and the likelihood the end-user will trust the result and get infected as a by-product of selecting an infected search result.

One of the interesting things about Blue Coat's research is that celebrity searches and "big event" searches aren't nearly as dangerous as common search terms. The reason is that celebrity and "big event" searches have an overwhelmingly large repository of "good results" to choose from, so it's unlikely a cyber criminal will get a hit, whereas a common everyday search may have fewer results, making it easier for a hacker to get a result on the primary results page.

So what's the solution to SEP? Obviously an up-to-date web security gateway with real-time rating helps, but user training is also important. Users need to understand what a bad URL looks like and what a shady site looks like, and they need to learn not to ignore warnings generated by the secure web gateway or their browser. It may even help to use a safe search tool like k9safesearch.com in place of regular search engines.

Wednesday, May 16, 2012

BYOD

BYOD seems to be the latest buzzword in security. In case you aren't completely caught up with the news, BYOD stands for "Bring Your Own Device". It refers to the proliferation of smartphones and tablets that employees are bringing into work and attaching to the organization's network. It's estimated the average employee owns 2.4 devices that they bring into work and connect to the network.

This brings its own challenges, including how to enforce corporate policy on those devices. While policy may be enforced by the secure web gateway or proxy when the device is on the organization's network, what about policy when it's off the network and on some public network? Enforcing policy there is important to make sure the device doesn't get infected or suffer data loss due to a malware attack. There's also the issue that mobile applications sometimes use different URLs, protocols, and ports than the web version of the same application. It's possible your secure web gateway may not understand the mobile app, while it's happily blocking or controlling the web application.

The other challenge these devices bring is performance and bandwidth. While the secure web gateway may have enough performance and bandwidth for one device per employee, what happens when there are three and all three are checking and updating webmail and Facebook at the same time? These devices also pose a bandwidth challenge when they download updates to their operating system. iOS updates have been rather large lately, and if every iOS device downloads its updates during work hours, is your secure web gateway prepared? BYOD only promises to increase as the tablet and smartphone market continues to grow.

It's time to make sure your secure web gateway has up-to-date technology to handle mobile, as well as enough capacity to handle the coming increase in bandwidth requirements. This may be a good time to look at bandwidth-saving technologies as well, including caching and stream splitting for video, one of the biggest hogs of network bandwidth.

Friday, May 11, 2012

Is InterOp Even Relevant Anymore?

This week was InterOp in Las Vegas.  If you've been in the industry as long as I have, you still have memories of InterOp as the premier networking event.  I've been going to InterOp since 1992, before it merged with NetWorld.  As I walked down the aisles this year, the event just seemed like it was only a shadow of its former self.  While the economy has certainly taken some of the toll in the number of companies and attendees, it seems like it's more than that.  Networking has broken off into a number of niche plays, and a general interoperability show doesn't seem as relevant today, when working together is just assumed, and expected.

Instead of going to a general purpose show like InterOp, I think IT admins are going to cloud, identity, security, mobility and other "themed" events. So you have to wonder just how many years InterOp has left.

Friday, May 4, 2012

Drive-by Malware Targets Android

PCWorld is reporting the first instance of drive-by malware for the Android operating system. Drive-by malware is malware that installs itself just by visiting a website, without having to click on anything on the webpage and without having to download or install anything. It's the most dangerous type of malware because it requires no action by the end-user to get infected. This is the first reported case of drive-by malware targeting the Android operating system. Drive-by malware for Windows has been around for a while.

This specific malware is called "NotCompatible" and is a trojan that hackers can use to turn the Android device into a relay point for breaking into secure networks, or to use the device as a proxy.

This latest form of malware is a good reminder that all devices need to be protected, and coincides with Blue Coat's announcement this week of K9 for Android.  K9 is Blue Coat's free, home-use web filtering software.  Blue Coat already offers K9 for iOS, Windows and MacOS.

Thursday, May 3, 2012

Nine percent of websites malicious

A new report from Zscaler suggests that 9.5 percent of websites are malicious. Another 9.5 percent rated as suspicious in their study. It's no surprise that the web is an increasingly dangerous place to visit. One of the key drivers for this threat is the fact that end-users aren't updating their plug-ins, leaving them vulnerable to a lot of older malware. An example of this is Adobe Reader: the report showed over 60% of users were running an outdated version of this software.

The report also noted that Apple devices are becoming more prevalent in the workplace as Android and Blackberry devices are becoming less prevalent. If anti-malware isn't part of your web security, this report is a good reminder of why it should be in your plans for this year.