The Expanded Need for Information Protection

By | September 10, 2006

Fortunately, the laptop was recently recovered, but the potential magnitude of its effects emphasizes the often tenuous line between information protection and information exposure.

The Good Old Days

In 1988 the first Internet worm was launched. It spread to just 6,000 computers but these few represented one-tenth of all the computers connected to the Internet at that time.

In 1993 Internet traffic had an annual growth rate of almost 342 percent. 1994 marked a change in the Internet world when a virus writer took advantage of the growing communications phenomenon and posted the Kaos virus to a newsgroup, infecting computers across the globe.

Where yesterday’s threats were noisy and noticeable to everyone, today’s threats are designed to be silent and prevent anyone from noticing them at all. In addition, earlier threats were without focus and blanketed virtually everyone, but today’s threats are specific to their targets. Cybercrime is a lucrative business, spawning entrepreneurs that unleash quiet, sophisticated malicious code, made especially for stealing the identities of innocent people.

Consequently, containing, managing, and protecting data has gone from challenging to critical. Information protection has clearly moved far beyond network security and now extends to protecting data regardless where it is stored and who accesses it.

Portable Defenses

Organizations must secure both their managed and unmanaged endpoints to reduce the risk of information exposure. Since organizations can easily control managed endpoints, companies can employ persistent agents to apply suitable countermeasures. This is important, as these endpoints often have more extensive rights for accessing and storing information, which in turn signals the need for more robust security measures. Some of the most effective tools that address this need are antivirus, personal firewall, and intrusion protection technologies.

While antivirus tools are ubiquitous today, the most effective protection comes from technologies that include anomaly or heuristic-based threat detection as well as antispyware capabilities.

Personal firewalls are widely used to prevent attacks, but their effectiveness is limited to protecting at the network layer. Personal firewalls frequently fail to stop application layer attacks that utilize protocols and connections allowed by their rule base. Nonetheless, personal firewalls are a valuable component of managed endpoint protection since they permit only traffic that is explicitly allowed by policy.

Intrusion protection technologies offer another layer of security for managed endpoints. Host-based intrusion protection complements antivirus by guarding against unknown attacks that operate at the system and application levels.

Leave a Reply