SmallBusinessNewz

Computer literacy has increased dramatically and the line between private and business use of computers and networks is blurring. The use of pod devices (USB sticks, MP3 players), mobile devices working in unsecured WIFI networks, and social networking sites accessed through a company network open the door to a variety of security threats for businesses today.

Organizations need to keep a close eye on their employee's activities on their company networks and ensure that their network security is not at stake. Faced with numerous new and existing threats, businesses need to implement an affordable security solution that uses heuristics to detect new and unknown virus signatures, ensuring complete network security.

The Lines are Blurred

These days, the line between home and work is more blurred than ever. With the ability to access the company network and email from home, airports, hotels, trains - even coffee shops - makes it easier for people to work away from the office. Likewise, the ease of taking care of activities that normally would be considered home activities is easy to do from work. People routinely take care of "homework" from the office, from something as simple as checking personal emails, to arranging a vacation or ordering flowers for a special occasion.

Organizations need to keep a close eye on their employees' activities on their company networks and ensure that their network security is not at stake. Faced with numerous new and existing threats, businesses need to implement an affordable security solution that uses heuristics to detect new and unknown virus signatures, ensuring complete network security.

For the most part, this makes for a more productive workforce (though abuses do occur). However, a business needs to know how its network is being used in order to protect itself from the threats that are present every day. And, like it or not, when employees use the company network for personal reasons, the network is more vulnerable to attacks.

Most commonly, all of the means used to attack a company's information are classified as e-threats - a general term that comprises but is not limited to any type of exploit, malware, virus, worm and botnet, Trojan, backdoor, rootkit, spyware, adware, grayware, rogue security software, phishing, pharming, harvesting, e-mail spamming, etc. - While constantly changing, the trend among cybercriminals is to keep creating new types of e-threats with ever-improving stealth capabilities.

Trojans, spyware, and targeted attacks are just a few of the threats that are magnified when a business network is used for personal use. Mind you, the network is at risk of these attacks even if no personal activity is conducted. However, since a person may be less cautious when performing personal activities on the company's network, they may inadvertently provide a path for hackers and criminals to attack through. While some attacks, though annoying, are more or less harmless pranks, most are the result of a concerted effort to break into a company's networks to steal important documents and information or attempts to keep a company's activities under surveillance.

Proactive Protection and Network Security

Today, hackers and criminals are more sophisticated than ever. They use the same tools that businesses use to defend their network to test and refine their attacks. For example, an attack may start through an employee's personal activities with a trojan that is not recognized by the defenses a company has deployed. Once in, it continues to operate until the company's defenses catch up, recognize the threat and take action.

With signature-based detection, a virus analyst looks at the code, makes a determination of its intent, type, etc., and creates a signature for it. This is sent via an update to their subscribers during routine updates. Once the signature is received, the computer is protected from the threat. This takes time, however. Time during which the network is under attack - and that attack is unknown. When a software security suite uses only signature-based detection as the primary method of identifying malicious files, criminals can simply test their attacks using the same software's most recent signature database and modify their e-threat slightly so that once again they are back in business.

Behavioral heuristic-based detection, another method for determining malicious files, does not require a virus analyst to review the file. Rather, security software runs files and checks for potentially malicious behavior. The security software has pre-defined rules (called heuristics) on what constitutes malicious behavior. If such behavior is detected, the malicious file is quarantined and so rendered unable to affect the network. This method provides proactive protection and increased detection of zero-day threats and other new or previously unknown e-threats.

Most security solutions today use a mix of signature-based and heuristic-based detection. It is important for a business to know what that mix is, since a solution that relies more heavily on a signature-based detection methodology is more at risk from real-time, zero-day threats. By using a solution that features predominately predominantly heuristic-based detection, backed up by signature-based detection, businesses have a proactive mix of protection.

Very few companies take the extra step of providing virtualized heuristic detection. Using a virtual environment, a computer-inside-a-computer, to check for bad behavior allows the security software to make reasonable decisions - but without in any way impacting the security of the host system.

Protecting the Network and the Budget

Businesses should always look to provide the maximum protection for their network. But in today's marketplace, cost and budget limitations are always a key consideration. Some might be tempted to use only one element of the protection package - say only an antivirus package. However, components such as an anti-phising and anti-spam modules that run on client or desktop machines can greatly help both with securing the network and with educating users and involving them directly in the security process.

By implementing a total security package, one that provides end-to-end protection, a company's IT budget and human resources can both be maximized. As the threat level increases for businesses, it is clear that traditional methods of protection need to be monitored and enhanced as needed. A routine re-evaluation of software security is a must to ensure that protection has kept up with the sophistication of the attacks.

When choosing a security solution, businesses should look at the threat landscape as it pertains to their business, and select accordingly. If, for example, the business has multiple mobile users, a solution with strong protection for mobile devices should be selected. One thing for certain, adding a security solution with intelligent heuristics will help secure a business' network to prevent intruders from attacking their computer network.