StillSecure Measures the Value of Network Access Control15 February 2006
StillSecure, provider of an award-winning, integrated suite of enterprise network security solutions, today announced the Endpoint Security Index, a research project that outlines the value of network access control and policy enforcement. StillSecure developed the Endpoint Security Index to quantify the threat that endpoints introduce into a typical enterprise network, and to determine the best methods for reducing an organization's risk. Two months of findings already confirm that security policy enforcement is an increasingly necessary and effective method for combating network attack.
To develop the Endpoint Security Index, StillSecure's Security Alert Team (SAT) tracks the number of vulnerabilities, viruses and spyware that infiltrate four endpoint devices with different security policies -- including no policy, a typical policy, a typical policy with enforcement, and a high policy with enforcement. Each of the policies has varying levels of the following security measures: personal firewall, hotfixes, anti-virus, anti-spyware, and Internet Explorer Security Zone settings. No security measures are implemented in the no policy setting. The typical policy includes delayed hotfixes and anti-virus updates, with a medium security zone setting. The typical policy with enforcement uses a network access control solution to enforce up-to-date hotfixes and anti-virus, and the high policy with enforcement adds a host firewall, anti-spyware, and a high security zone setting.
"Attacks that leverage the endpoint have increased exponentially over the past few years, validating the importance of testing each endpoint before it gains network access to determine any remediation activities that are needed," said Mitchell Ashley, CTO and VP of Customer Experience at StillSecure. "The Endpoint Security Index helps organizations understand what policies to put in place so that they meet compliance and business continuity requirements. Initial results illustrate the importance of active policy enforcement; it's the difference between having anti-virus installed and ensuring it's up-to-date, which can be the deciding factor the next time a Blaster-style worm hits."
More data from the project's findings will be available in the coming months. Some initial observations are outlined below:
* Endpoints with no security policy are vulnerable to a series of
cascading security events. In January 2006 the endpoint with no
security policy obtained an IRCbot which led to adware being installed,
the Prutect trojan corrupted anti-spyware updates and interfered with
virus scanning, and other unauthorized system changes were made.
* There is a correlation between the Internet Explorer security zone
settings and the amount of spyware on a device. Low and Medium-Low
settings allow users to download potentially malicious files that have
been compromised by spyware. File downloads are not permitted with high
security zone settings so the threat is non-existent.
For more information about the Endpoint Security Index and details on monthly findings please visit: http://www.stillsecure.com/endpointindex.
About StillSecure
StillSecure delivers network security solutions that protect IT business infrastructure. The integrated StillSecure suite provides preventative defense, enables compliance with regulatory information security policies, and actively blocks network attacks. StillSecure manages and reduces risk from network attack and noncompliance for some of the largest organizations in the healthcare, financial services, government, and education sectors. For more information please call (303) 381-3830, or visit http://www.stillsecure.com.
Sonya Hausafus
Director of Public Relations
StillSecure
303-381-3843
shausafus@stillsecure.com
Source: prnewswire
All trademarks and copyrighted information contained herein are the property of their respective owners.
The Shield Pro 2006
Related Articles
|
