An antivirus solution is now a standard fixture in the IT security arsenal of any serious IT shop. It should allow the system to scan static files on disk and also programs that are resident in memory for suspected malicious activity. This is clearly good practice and is, indeed, a basic essential, but attackers that are clever enough to create zero-day exploits could also be clever enough to devise ways to bypass malware detectors.
The best advice is to use a layered approach and additional security controls should be implemented to make your systems a ‘hard target’ so that attackers are encouraged to move on to other, less challenging targets. Web and e-mail filters should be used to blacklist known malicious addresses and high risk sites to prevent drive-by downloads, which can easily undermine the integrity of your network. Keeping systems patched and up-to-date is also important for preventing attacks. It ensures that would-be attackers cannot exploit known vulnerabilities in your OS and applications. Layering multiple methods of security is important as it makes your system a less appealing target for a potential attacker.
A good way to determine which solutions and controls should be applied to you environment would be to follow a recognised security management standard such as ISO 27001. It provides a comprehensive list of areas that should be considered in Annex A of the standard. It will encourage you to assess the risks in all these areas and where appropriate adopt suitable technical or procedural controls to reduce the identified risks.
If you are concerned about the current security systems that are deployed in your business and would like advice and cost-effective solutions, then please feel free to contact us for a no-obligation discussion? Whether you’re looking for help with penetration testing and security reviews, or seeking advice on security compliance and web security solutions, Krypsys can provide expert assistance. For more information, please contact Krypsys on 0845 474 3031 or [email protected]