The silicon safety net

Editorial Type: Feature     Date: 03-2015







Sandboxing as a security technology is often overlooked. Andrew Avanessian, EVP of consultancy and technology services at Avecto, explains why it can be an effective safety net against online threats.

Last year 73 per cent of the UK population accessed the internet every day, according to figures from the Office for National Statistics. Workplace access is also increasing. It's perhaps unsurprising then that IT security breaches are at their highest level in UK history.

The McAfee Labs threats report for the fourth quarter of 2013 noted 288,000 global malware samples each day: around 200 per minute. Symantec's 2013 internet security report found that data breaches had grown by 62 per cent between 2012 and 2013. The Heartbleed bug alone affected an estimated 600,000 internet sites, while an experiment by McAfee in 2014 revealed that 80 per cent of workers fall for a phishing email at least 14 per cent of the time.

The business difficulty is striking a balance between online freedom and a tight perimeter. A holistic approach to security based on DiD (defence in depth) strategies is needed. Increasingly complex attack vectors require a layered strategy that prioritises high-impact solutions, such as privilege management, application whitelisting and patching.

However, advanced persistent threats can still slip through the net. Vulnerabilities in web browsers, Java, and software such as Adobe Reader and Microsoft Office still exist, and malicious code can enter a network as workers go about their daily tasks if the latest patches are not installed. To close this gap, organisations can turn to sandboxing, which, when used correctly and safely, will contain web threats, isolating any malicious activity. This final layer of defence allows individuals to browse the web freely, protecting productivity.

The Australian Department of Defence names application whitelisting and privilege management as part of its four key mitigation strategies, alongside patching operating system vulnerabilities and applications. Real-world data shows that implementing these four quick wins can stop 85 per cent of cyber intrusions.

With a solid security foundation in place, the challenge is to find a solution to mitigate the biggest window of opportunity for malware to enter the network - the internet. Employees browsing websites carrying hidden threats and opening untrusted documents are becoming direct targets for attackers. Vulnerabilities in software and applications such as Java, Silverlight and Adobe Reader can result in an employee being unknowingly compromised, simply by viewing a website or downloading a document.

So that user productivity is unrestricted, there is a need for internet sites and documents to be isolated from sensitive private data whilst still being viewable by the user - protecting online activity with a safety net. This is where sandboxing comes in. Effective sandboxing is seamless to the end user, keeping untrusted documents in a contained environment and preventing malware from executing.

Documents downloaded from the internet are automatically merged with the user's profile, allowing them to edit, save and print as normal, while the file remains protected by the sandbox. However, any private files are protected, and when reopened they will automatically remain isolated, thus increasing security without impacting on the user experience.

With solid security foundations in place using privilege management and application control, sandboxing is the natural third pillar in an effective endpoint security strategy. But for sandboxing to work it has to be easy to deploy and simple to manage. Crucially, it must stay simple once it's scaled up to hundreds or thousands of users. Typically organisations run into issues when scaling up, and the default reaction is to reduce the complexity of the project, which ultimately leads to failure.

Integration into existing systems is critical. That includes policy management, endpoint/client management and auditing/reporting systems. If you can plug your sandbox directly into all of these, then deployment and ongoing management become very simple.
