This is a question asked by many organisations facing today`s reality: Traditional network defences are no longer able to fortify the network against all modern threats.
More powerful, proactive security systems and practices are required to meet the threats from mobile employees, teleworkers, contractors, business partners and many others who can now gain access to the network.
They can initiate attacks - intentionally or otherwise - that will jeopardise confidential information and compromise valuable corporate assets.
These attacks include application layer assaults, viruses, Trojans and denial of service attacks and many forms of worms and malware.
What can be done?
All too often, organisations rely purely on a perimeter-oriented strategy to secure their networks, without complementing these defences with internal security measures.
How large has the internal security threat become?
Research group IDC estimates that as many as 70% of security breaches are due to internal hacking.
Organisations must, therefore, secure all endpoint devices - be they personal computers, laptops, PDAs or others - as tightly as they would secure the network perimeter.
Effective strategy
The core of an effective endpoint security strategy requires that every endpoint device run a host-based firewall and anti-virus protection with up-to-date signatures before it is granted a connection to the network.
Importantly, it should also require that a critical Windows patch and an updated VPN (virtual private network) client be installed prior to network access.
This strategy forces each network entry to be "clean" before connecting.
Other features of a solid endpoint security plan include:
* Tight Integration: Integration with network gateway products ensures that non-compliant PCs are quarantined and brought back into compliance before they are allowed access to network resources.
* Client Lock Down: Prevent users and attackers from disabling endpoint security or enforcement of network access policy.
* Inbound Threats: Allow open PC ports only for authorised network traffic and block network intrusion attempts; port stealthing hides endpoint PCs from port scans.
* Outbound Threats: Prevent unauthorised applications and malicious code from capturing and sending enterprise data to hackers.
Corporate governance
Around the globe - and in South Africa - companies are being forced to comply with regulations such as Sarbanes Oxley and the King II directives to ensure the privacy and security of data. These corporate governance regulations drive an increased need for internal security.
According to Check Point Software Technologies, the much admired Israeli security firm that has dominated the firewall market since 1994, regardless of what prompts an internal security breach, one thing is for certain: the financial damage and the loss of productivity can ultimately cripple an organisation.
Check Point`s InterSpect is the industry`s first and only complete internal security solution, providing the deepest and most intelligent security available for safeguarding corporate networks from damaging cyber attacks that are introduced from within the network.
Check Point products have been distributed in South Africa for the past five years by Westcon, a Datatec company.
Westcon also distributes Check Point`s recently unveiled NGX platform - a unified security foundation for perimeter, internal and Web security solutions that enable enterprises of all sizes to reduce the cost and complexity of security and ensure that security systems can be extended to meet and counter new and evolving threats.
According to Westcon, the NGX platform changes the way companies think about their deployments by coupling deeper, broader and smarter Internet security within a unified security architecture.
Training initiative
Against this backdrop, the Westcon Training Academy has embarked on an initiative to enhance the skills of IT industry consultants whose focus is on security.
It provides both basic and advanced training to help resellers optimise their investments in sales support personnel, while providing career opportunities for technical specialists.
In line with this initiative, Westcon welcomes Niall Moynihan to the position of Country Manager for Check Point SA and commends Check Point on its commitment to the country - and its investment in the local marketplace.
Share