Protecting the MidSized Business
8/7/2019 Protecting the MidSized Business
http://slidepdf.com/reader/full/protecting-the-midsized-business 1/12
Protecting the Mid-sized Business >New security requirements and possibilities
White Paper
Protecting the Mid-sized Business: New security requirements and possibilities
Introduction
Malware is one of the biggest threats facing mid-sized businesses today.
Every day, a highly organized, financially motivated cybercriminal community
generates an unprecedented volume of dynamic and sophisticated malware
aimed at stealing information from your business and selling it for a profit. To
protect your business data, you have to understand the nature of these threats
and know how to protect your company from them.
This white paper outlines this new threat environment and explores the
unique requirements for mid-sized businesses. The bottom line: You need
more than firewall and antivirus protection to stop the latest threats. Today’s
security infrastructure must be always on and instantly updated to match the
speed, volume, dynamism and sophistication of today’s malware. To help you
get started, this white paper provides practical guidance on layered defense
systems that provide strength in numbers through cloud communities, all in a
cost-effective way that meets your security and business needs.
Key characteristics of malware today
Criminal motivation combined with sophisticated tactics drives today’s threat
environment. The scale and dynamic nature of these threats present more complex security challenges than traditional security models can adequately
manage. Let’s start by looking at these characteristics in detail, and explore
why they challenge conventional security wisdom and traditional defenses.
Malware is now driven by organized crime.
Viruses and other malware are increasingly written by professional hackers
working on contract from organized crime syndicates. Their main objective
is to steal data that can intercept funds or enable criminals to profit illegally
from individuals or businesses like yours. Even the lowest threat range, such
as phishing scams, attempts to extort, trick or con people and companies
out of money. Without an effective protection system, malware will hurt your business at some point – whether it’s lost productivity, revenue or unforeseen
legal costs. Research estimates that between information theft and cleanup
expenses, cybercrime cost firms one trillion dollars in 2009.
Malware is growing in both volume and speed.
In addition to the costs of malware, the volume and rate of attacks have
skyrocketed in the past few years. Two-thirds of all the known malware that
has ever existed was launched in 2008. In 2009, that number doubled. Phishing
attacks increased 585 percent in just the first half of 2009.
So hackers today are no longer defacing web sites for the thrill of it. In fact,
quite the opposite – they want to remain undetected for as long as possible.
In 2007, the average lifespan of malware was seven hours. By 2008, it was
estimated at five hours. And in 2009, many threats relocated themselves
after just two hours to avoid detection.
Social networks are great hiding places for covert malware types.
As end users become more conscious of malware scams, cybercriminals
have upped the stakes, finding increasingly devious ways to lure or trap
their targets. They leverage popular trends like social networking, taking advantage of the trust web users have in reputable sites and their network
of “friends.” If a social networking site has 500 million regular users, each
of whom trusts a few hundred friends, it stands to reason that criminals will
view it as a vast source of potential targets. Poisoned search engine results,
where infected blogs have led to highly ranked web pages with malicious
content, are also used to lure people to malware hosts at the end of an
orchestrated link chain. But most web threats – over 90 percent – actually
come from infected popular sites. By far, the greatest risk of attack comes
from everyday browsing behavior like searching, chatting with online friends
or even visiting trusted sites.
There is a connection between how users browse and search on the web today and
current mechanisms for infection by malware. For example, the most prolific recent
malware attacks leverage social networking – and the trust people have in their
friends and connections – to spread malware as well as poisoned search results.
Today’s malware requires new thinking about security
Not long ago, machines were infected when users opened email attachments
containing viruses and worms, or visited “red-light” districts on the web,
such as pornography or gambling sites. Conventional security wisdom told
us to protect against threats by building a hard shell around the network
to protect entry and exit points, and stop users from going to bad places.
Desktop AV, firewalls and more recently Unified Threat Management (UTM)
solutions are the components we used to create this hard shell. While these
technologies are effective against static, network-based threats, they are
less effective against dynamic, web-based threats because they narrowly
define safe vs. unsafe web sites and then deny or allow access based on
that limited characterization. As a result, they cannot adequately protect
against real-time malware attacks that can change or disappear in as little
as two hours.
Here’s why: The web is simply too big and complex to rate every destination,
and it’s no longer dominated by static pages. Today’s Internet is interactive
and changes in real time, which makes it much easier for cybercriminals
to exploit. For instance, when a single request to a web site easily results
in dozens of requests for content, all frequently changing and sourced from many locations, static web ratings simply cannot filter every source
of malware.
In addition, new web-based threats exploit human behavior on a whole new
level by tapping into trusted web activities, sites and applications. Today,
users often encounter malware through poisoned search results in popular
search engines. Or they receive spam from “friends” on social networks.
They download fake offers that actually infect their machines with malware
or spyware “phone-home” capabilities. And sometimes, malware is simply
downloaded onto the machine without the user taking any action other than
visiting a trusted destination, such as a news or banking web site.
Not only has the threat landscape changed, so has the concept of a
network, which has expanded to accommodate roaming and telecommuting
employees. Competitive business demands have driven IT to adopt and
support new technologies to connect workers with applications and
information at any time, from anywhere. While a decentralized work
environment is critical to business agility, it also creates new security
requirements to address the new wave of web threats.
To meet these new requirements, companies need more than the average
security portfolio. They need a proactive, layered security strategy at the
web gateway – one that combines a hybrid of technologies that complement
traditional firewall and desktop AV solutions.
This illustration shows how innocent web browsing can be exploited by cybercrime. For example, a user attempting to view a video online at work may be tricked into
downloading a fake video codec containing malware. A compromised contact list in a
social networking site may betray a user’s trust in their friends by linking them to a
scam via a phishing site.
Targets are not just big business
Like any organized crime, cybercrime is focused on organizations or people
who are easy targets with something worth stealing. Increasingly, that means
individuals and smaller companies who lack the security infrastructure and
budget of big businesses. Therefore, mid-sized businesses must not only
understand the severity of the risk, but also the security capabilities they need
to protect their data.
Smaller companies are now the target
As larger enterprises have become more secure, cybercriminals are moving
down the business chain to smaller businesses that have less formal policies
and systems in place. For example, the FBI is investigating several hundred
cases of Automated Clearing House (ACH) network fraud. Cybercriminals,
->Understand and protect against online user habits that put the business
at risk
->Dynamically protect against malware and deliver on-demand ratings that go
beyond the traditional reputation-based protection model
->Protect users no matter where they work, even on unsecured networks such
as airports and coffee shops
->Fit the tight budgetary and resource needs of smaller businesses
New security requirements and possibilities
Blue Coat addresses the need for affordable, enterprise-class security in
mid-size businesses. Our comprehensive, layered defense system includes
real-time web intelligence-based filtering, data loss prevention, gateway
antivirus and extensive support for mobile users.
Protection beyond firewalls, UTMs and antivirus software
The firewall, or what it became – a Unified Threat Management (UTM)
appliance – provides firewall, spam filtering, gateway antivirus protection
and intrusion detection. The UTM opens and closes doors based on
web address or Internet “port” number, hides internal addresses and
resources from external sites and provides secure, encrypted tunnels and
authentication. However, it does not offer any awareness of active content
or real-time updates, which means that dynamic, short-lived threats remain
undetected between updates. In addition, firewalls and UTMs neglect remote
users entirely, leaving huge security gaps in your roaming workforce.
While AV software can classify web content as safe or dangerous, it relies
too heavily on signature matching for “known” threats. Antivirus software
relies on constantly changing definitions, and introduces an update cycle
that can’t stay ahead of dynamic threats. So again, these fall far short of the
best protection against the new threat reality. Traditional web filtering can
categorize URLs to control or block objectionable content, but it also relies
on static databases of known websites. Without the ability to address the
dynamic nature of malware, these solutions will always be at least one step
behind the latest attack.
Blue Coat ProxyOne delivers greater web visibility and control
Only Blue Coat provides all the required capabilities to give mid-sized
businesses the best protection against today’s threat environment. For more
than a decade, Blue Coat has been trusted by the largest, most security-
conscious organizations in the world. As part of our ongoing commitment
to delivering the most innovative security solutions, we have combined our
market-leading technologies into a single product: Blue Coat ProxyOne.
ProxyOne is installed at the threshold of your private network and the web,
so all users behind the ProxyOne are protected. And, for greater visibility into the sources of malicious or dangerous web threats, all web activity is logged
and controlled by ProxyOne. In addition to offering protection from malware,
ProxyOne provides visibility into all users’ web activity and tighter control
over what they do online. Managing user behavior is critical to mitigating
security risks, as even innocent browsing can lead to poisoned search
results, compromised social networks and infected web sites.
ProxyOne is architected on a web proxy platform. The web proxy terminates
all web traffic – whatever web protocol is being used, including static and
active content, rich media and standard web content. In addition, to help IT
track all potentially dangerous web activity, ProxyOne offers a set of powerful
pre-defined reports and straightforward custom reports that highlight all
web activity information and link it to each user via their login. ProxyOne
administrators can also measure and report on web traffic performance,
trends, errors, bandwidth impact, streaming traffic levels and more.
ProxyOne delivers an intuitive, graphical interface to define and manage
policy settings. This allows IT to protect the network and their computers
from malware, but also implements safeguards to help prevent employees
from being exposed to inappropriate or illegal areas of the web. Unlike
firewalls or traditional web filtering solutions, Blue Coat’s policy controls extend the functionality of standalone URL filtering products by adding
content inspection and native proxy functionality for all popular web
protocols. And, because it leverages the WebPulse on-demand rating
service, ProxyOne has unmatched coverage of all potential requested sites in
customer deployments, providing an extremely low rate of false-positives.
Always on and always current
A protection system is only as effective as its web ratings. WebPulse, Blue
Coat’s collaborative cloud defense, ensures ProxyOne always has the latest
web ratings from its global community of more than 70 million people.
WebPulse comes standard with all ProxyOne appliances.
WebPulse leverages the worldwide Blue Coat user base in a community-
based, collaborative defense system. While other web security solutions
seek threats by crawling the web or rely on reports of new threats, Blue
Coat users automatically and anonymously send relevant details of their web activity into the WebPulse cloud and receive real-time feedback. Seeking
threats or crawling the web to find trouble typically takes too long, and
risks missing the hidden, dynamic links and malware that characterize
today’s threat environment. Safety in numbers is a well-known maxim, and
the greater the number, the more effective the defense. With 70 million
users generating 45 billion requests a week, they are much more likely to
encounter new threats – even attacks that exist for just a few hours.
Inside the WebPulse cloud, sophisticated technologies identify and analyze
threats and share this intelligence with the Blue Coat user community
on demand. As a cloud service, WebPulse produces the best delivery
mechanism for this intelligence, and ensures Blue Coat ProxyOne is always
up to date with the latest security. All without the need for manual updates
or software downloads.
The best protection, no matter where your users are
ProxyOne supports ProxyClient, which can be installed on remote machines,
to offer protection to remote workers who may log in on unsecured
networks, whether at home or on the road. ProxyClient is managed centrally
by the ProxyOne appliance and enforces the appliance policy that extends
the Acceptable Internet Use policy to remote users. Just like office-based users, all browsing and web activity through ProxyClient is controlled via the
ProxyOne appliance.
ProxyClient works directly with Blue Coat WebPulse cloud service to
eliminate the need for downloads or update cycles. Instead, web ratings and
threat protection are delivered on demand directly to the remote worker’s
computer – even when it’s disconnected from the ProxyOne appliance.
Enterprise-class protection in a mid-market package
ProxyOne has been specifically designed to address the operational
requirements of the mid-market IT department. Set up and use of
ProxyOne’s user interface is graphical, simple and task-oriented.
Once you plug in and connect ProxyOne to the network, simply answer six
questions to complete the set up and switch to the browser-based graphical
user interface. ProxyOne comes pre-configured to block malware, but you
can configure and fine-tune any of the pre-defined policies using simple,
task-oriented menus to control the URL categorization features of the appliance. Once installed, ProxyOne is automatically connected to the
Blue Coat WebPulse service to provide real-time web ratings and enforce
network policies.
Simple setup and easy operation, on-demand security and automatic software
updates combine to satisfy the operational needs of mid-sized IT.
In addition to providing greater web visibility, ProxyOne software updates are
continuously delivered as a service from Blue Coat.
Conclusion
Driven by a highly organized cybercriminal community, today’s web threats
are stealthy, short-lived and profitable. The volume and sophistication of
malware and the methods used by cybercriminals now target businesses
of all sizes. However, small and mid-sized businesses are at particular
risk of attack because they typically have fewer resources to devote to a
comprehensive security strategy. To address the need for an affordable,
real-time security solution, Blue Coat has introduced the ProxyOne
hybrid appliance.
ProxyOne, which includes Blue Coat’s innovative WebPulse cloud service and
ProxyClient software for remote workers, delivers enterprise-class security
to mid-sized companies. With ProxyOne, smaller companies can now protect
their critical data with real-time web ratings, instant security updates and
protection for remote workers. All in a package that is affordable, easy to
install and maintain.
To learn more about Blue Coat ProxyOne, please visit us at www.bluecoat.com
or contact your Blue Coat sales representative.
Blue Coat Systems, Inc. • 1.866.30.BCOAT • +1.408.220.2200 Direct
+1.408.220.2250 Fax • www.bluecoat.com
Copyright © 2010 Blue Coat Systems, Inc. All rights reserved worldwide. No part of this document may be
reproduced by any means nor translated to any electronic medium without the written consent of Blue Coat
Systems, Inc. Specifications are subject to change without notice. Information contained in this document is
believed to be accurate and reliable, however, Blue Coat Systems, Inc. assumes no responsibility for its use. Blue
Coat, ProxySG, PacketShaper, CacheFlow, IntelligenceCenter and BlueTouch are registered trademarks of Blue Coat Systems, Inc. in the U.S. and worldwide. All other trademarks mentioned in this document are the property
of their respective owners.
v.WP-PROTECTING-MSB-V1-1110