Clearpath, in conjunction with IT Security thought leaders, is excited to announce a five-part series to increase awareness regarding the proliferation of malware in the enterprise. We have partnered with many vendors to bring best-of-breed solutions to our clients. Splunk, Cisco Systems, Check Point Software, Trend Micro, and Carbon Black are a few of the partners we have joined forces with to assist in making your mission successful. We understand that one size does not fit all, and strive to provide tailored solutions to meet your requirements and budget. Many organizations install anti-malware software on their users’ PCs and “check the box”, indicating the users are now protected, when in fact an informed end user is often the first wall of defense against malware. Clearpath’s goal is to educate and promote awareness on the new and innovative ways to protect the overall enterprise. Topics in our new series include neutralizing malware at the gateway, social engineering, finding hidden malware in your data center, and how to tie everything together into a solid layered defense.
Malware has been causing downtime, loss of data, and irreparable damage to computing devices for over 20 years. Over the past few years a new form of malware has evolved, often referred to as ransomware, and its devastating effects on companies and individuals have made global headlines. Because bad actors are able to monetize malware as ransomware, there is an increasing incentive to create new and more virulent strains of this damaging software. In light of these continuing occurrences, Clearpath would like to share the following information with the hope that you and your company will be able to pre-emptively catch these security issues and prevent any loss of productivity.
The best prevention for malware attacks is a vigilant end user. Employee training and IT Security awareness should be front and center in the battle against IT security events. Many IT attacks begin when a user opens a malicious e-mail or clicks on a link in a web page that downloads the malicious payload to the endpoint. When a malware event occurs due to an infected user device, it is imperative that a current, comprehensive solution be in place to protect not only the individual user but the enterprise as a whole, as resources are often shared in a corporate environment. A comprehensive endpoint solution should provide visibility into the attack, the ability to stop the attack, application control, and the ability to force the attackers to change behavior in order to gain access. For fileshares and NAS devices, products should include a robust AI solution and user behavior monitoring as integral parts, to reduce the risk of infection propagating through business-critical data repositories.
A good first resource to stay informed of malware threats is CERT (United States Computer Emergency Readiness Team), a division of the Software Engineering Institute at Carnegie Mellon, as they provide a free e-mail service to notify the community of emerging and current threats. Regarding ransomware, please refer to bulletin TA16-091A, as this document contains useful advice and tips on how to mitigate the risk associated with these strains of malware: https://www.us-cert.gov/ncas/alerts/TA16-091A
Be on the lookout over the next few weeks for parts 1, 2, 3, 4, and 5, listed below:
- Part 1 of 5: Detecting and Blocking Malware at the Gateway Before Users are Affected
- Part 2 of 5: Educating the User and Social Engineering
- Part 3 of 5: Hunting Hidden Malware in your Datacenter
- Part 4 of 5: Complete Endpoint Solutions
- Part 5 of 5: Enabling Secure IT Operations for your Organization