The Need for Host Intrusion Prevention
At the same time that organizations are providing deeper access to their networks for employees, partners and customers, enabling flexible work environments and more efficient business relationships, they are faced with an increasingly hostile threat environment as well as rising complexity associated with corporate and regulatory compliance. This whitepaper looks at the security challenges faced by organizations and explains how Host Intrusion Prevention (HIP) plays a critical role in an organization's overall security strategy.
Executive Summary
Internet-based attacks against enterprise networks are unrelenting, more sophisticated and, because today's attackers are motivated by profit, more dangerous to the data and systems those networks hold. Compounding the heightened threat environment, regulatory pressures associated with information security have also increased dramatically. In the new regulatory environment, information security executives must succeed in the battle against these attacks and demonstrate continuous improvement in their defenses. Compliance is not an end state but a process, subject to continuous monitoring, verification, and improvement.
Defense-in-depth is the only viable strategy for data and system protection, but the environment is constantly evolving. Regulators demand the timely deployment of effective solutions. Because malicious code can now evade conventional defenses and penetrate deep into networks, today's security best practices are redefining the perimeter and incorporating host intrusion prevention (HIP) as the last line of defense in comprehensive defense-in-depth security strategies.
While providing many of the same proven security technologies used in perimeter security, such as firewall and anti-virus scanning, HIP solutions also focus on protecting applications by means of application data inspection to provide comprehensive host protection.
Because they are implemented at the host, good HIP solutions need to embody specific characteristics in order to be adopted, or they will be relegated to the shelf as impractical. They must:
- Provide comprehensive protection
- Have minimal performance impact on the host
- Be extremely robust and reliable
- Offer low cost of ownership
With an organization's regulatory compliance, good corporate reputation, brand equity and customer satisfaction at stake, it is imperative that HIP be considered a critical part of the overall information security strategy and that organizations evaluate potential solutions to ensure they are doing everything they can to mitigate the growing risk to their organizations.
Enterprises Are Under Siege
Information security has never been a tougher challenge. At the same time that organizations are providing deeper access to their networks to employees, partners and customers, enabling flexible work environments and more efficient business relationships, they are faced with an increasingly hostile threat environment as well as rising complexity associated with corporate and regulatory compliance.
Under these pressures, traditional approaches to information security are no longer sufficient to ensure an organization's regulatory compliance, protect its brand and maintain customer satisfaction. As a result, information security professionals are incorporating proven technology in new and innovative ways to better meet the challenge and mitigate security risks.
The Changing Threat Environment
Internet-based attacks against enterprise networks are unrelenting, more sophisticated and, because today's attackers are motivated by profit, more dangerous to the data those networks hold. The environment is so hostile that, according to recently published tests, the average lifespan of a poorly protected PC connected to the Internet is a mere four minutes. In the fastest attack observed during the testing, the machine was taken over in just 30 seconds.
Not only have the frequency and likelihood of attack increased; the nature of attacks has changed as well. Compared to a few years ago, there have been significant changes in where attacks originate and what attackers exploit. Today, a greater percentage of attacks occur over the network, and software vulnerabilities have become the primary point of attack (Figure 1).
Increasing Risks
The rising threat environment is not the only thing driving the increased security risks faced by organizations. The consequences of a security breach are also fueling this escalation. The direct financial damages associated with for-profit cybercrime are a concern, and so are indirect costs such as lost productivity, erosion of brand equity and the consequences of regulatory non-compliance.