Network Computing is part of the Informa Tech Division of Informa PLC


Desktop Defense

In the short term, forward-thinking organizations will look to combine conventional antivirus technology with supplemental, and often inexpensive, approaches: investigating network-layer controls on their hosts, restricting service profiles, proactively patching both operating systems and applications, using Layer 7-capable network-scrubbing devices, deploying more comprehensive host protection suites and using less-vulnerable applications. Some of these tactics will require further investment, but many simply need organized efforts to better control what you've already purchased. In the long term, enterprise consumers must demand mandatory access control (see "The Promise of MAC") and better coding standards in mainstream software. Our OSs and applications should protect us from threats, not expose us to them.

Evolving Vectors

Almost everyone is familiar with the phrase low-hanging fruit as it applies to information security; it's typically used to describe the security problems or holes that are the easiest or cheapest to address, yet often yield a relatively high return by lowering an organization's overall risk profile. Another buzzy term making the rounds is blended threat, used to reference attacks that come over a variety of mediums (Web, instant messaging, e-mail, file sharing and so on). Marketing aside, this parlance is a direct result of real-world changes; even basic attacks are appearing in new forms, and the weakest points in our defenses are continuing to shift. But that's only part of the story.

In looking at perimeter trends, it's clear that many organizations have realized the importance of patching and service exposure restrictions. Vulnerability management provider Qualys, for example, says it continues to see a decrease in lead times that pertain to the patching of perimeter-facing systems and related exposures. Gerhard Eschelbeck, CTO and vice president of engineering at Qualys, shared some of its trending data (see "Vulnerability Half-Life," right), which shows that organizations are patching many of their systems in a more organized, timely manner.

Vulnerability Half Life
