LATEST INTELLIGENCE
A multi-layer approach to
endpoint security
One successful malware infection provides the foothold
cybercriminals need to steal your organisation’s sensitive data.
Protecting the corporate endpoint is not achieved by a single ‘silver
bullet’ or next-generation technology. Anti-malware techniques each
have their own capabilities that add value in detecting an infection
attempt. But one technique, alone, does not deliver effective results.
Attackers use multiple vectors to deliver a successful attack; securing
the endpoint requires multi-vector protection. Your endpoint security
solution must have multiple layers of protection with a mix of static
and dynamic approaches.
Each layer has its positive attributes and shortcomings, which
is why no individual layer is 100% effective on its own. Your
endpoint solution must have a mix of layers that work together as
a collaborative system. This approach delivers the most effective
protection, and often detects and stops zero-day attacks.
Known attack detection
A solution’s ‘known attack detection’ layer blocks malware
quickly and with low overhead. This is done with matching (i.e.,
signatures) and rules-based technologies. Despite some claims
that signatures are outdated and ineffective, they have their place
in a multi-layer process.
Signature-based detection is a lightweight method to protect
against common attacks with minimal resource processing and
administration requirements. Signatures are good at stopping the
bulk of the less sophisticated attacks, and they do so with minimal
processing and end-user impact. n
Download whitepapers free from www.intelligentcio.com/me/whitepapers/
www.intelligentcio.com
INTELLIGENTCIO
23