If my more than eight years of experience at IBM’s Internet Security Systems and Safe Systems has taught me anything, it’s that an ounce of prevention is worth a pound of cure. And when it comes to malware prevention, there seems to be too much focus on the cure instead of the prevention itself.
Too often I see a financial institution focus its resources on reacting to malware instead of proactively investing in ways to prevent it. One of the top questions I hear when talking with staff at a bank that has just spent hours of valuable administrator time and hundreds and thousands of dollars on malware cleanup is, “We have a lot of security solutions in place to prevent malware. What else can we do to prevent this from happening again?”
It’s a great question. And to help answer it, I’d like to share three easy and cost-effective changes that will decrease the risk of malware affecting your network:
- Education: The best starting point with prevention is education, as it addresses the weakest link in security: people. Security Awareness Training (eSAT) from Gladiator is a very affordable solution that helps reduce the risk of employees being susceptible to attacks and deception from web pages and email. The administrator can easily track the progress of each employee with regard to their security awareness quiz and the electronic acknowledgement form, which are two great deliverables to give auditors and examiners.
- Software: Know what software is installed on all of your devices. Software is an entry point for malware to access your network that can get past your firewall, IPS, and antivirus solutions. Some software is required for the business to function. In these instances we accept the risk, and focus on ensuring that the required software stays up-to-date and is fully patched so we can address this risk. While patching software is a necessary process that should be automated, the first step really should be determining if this software needs to be installed on the machine. Ask yourself, “What value does this software have for my institution?” Our NetComply toolset can assist your institution with this by running “License Count” and “Add/Remove without Patches” reports. These reports can either run manually or be set up to recur and be emailed to the administrator. Reports are an easy way to assess what software is installed on what machine, and whether it should be removed.
- DNS Monitoring: At this point, firewalls, intrusion prevention systems (IPS) and antivirus have been around for many years. They represent a strong foundation when it comes to securing your network. However, these solutions alone are simply not enough to prevent intrusions. Whenever a bank or credit union asks me about malware, I always mention Gladiator’s DNS Monitoring service, Advanced Malware Protection, which takes a unique and powerful approach to combating malware by operating through a secure hosted domain name system (DNS) architecture. In conjunction with Gladiator’s research department and industry-leading partners in DNS security and threat intelligence, the service offers clients the ability to pass all website DNS requests and other DNS traffic first through Gladiator’s cloud security systems before those connections are allowed to send or receive data. These requests are analyzed in real-time for fraud patterns, malware, and data-stealing risks. When threats are detected, the requests are rerouted to a safe landing page hosted by Gladiator to proactively stop the malicious activity. If malware activity is detected, Gladiator’s 24 x 7 x 365 security staff will provide timely response recommendations and detailed information about malware activity including root cause analysis.
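The rerouting described in the DNS Monitoring item also leaves a trail an administrator can use: any workstation whose lookups keep getting answered with the landing page is a candidate for cleanup. The sketch below is an added example, not Gladiator's code or part of the original post; the four-field log format, the sample lines, and the landing-page address `192.0.2.10` are all constructed assumptions.

```python
from collections import defaultdict

# Assumption: address of the safe landing page that blocked lookups are rerouted to.
# 192.0.2.10 is a documentation-range placeholder, not a real service address.
LANDING_PAGE_IP = "192.0.2.10"

# Constructed sample resolver log: "<UTC timestamp> <client IP> <queried name> <answer>"
SAMPLE_LOG = """\
2024-05-01T09:00:01Z 10.1.4.21 intranet.bank.example 10.1.0.5
2024-05-01T09:00:07Z 10.1.4.37 update.badhost.example 192.0.2.10
2024-05-01T09:00:09Z 10.1.4.21 www.vendor.example 198.51.100.7
2024-05-01T09:05:07Z 10.1.4.37 update.badhost.example 192.0.2.10
2024-05-01T09:06:30Z 10.1.4.52 promo.phish.example 192.0.2.10
2024-05-01T09:10:07Z 10.1.4.37 cdn.badhost.example 192.0.2.10
malformed line without enough fields
"""


def rerouted_clients(log_text, landing_ip=LANDING_PAGE_IP):
    """Return {client_ip: {domain: hit_count}} for lookups answered with the landing page."""
    hits = defaultdict(lambda: defaultdict(int))
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue  # skip blank or malformed lines rather than failing the whole run
        _ts, client, qname, answer = fields
        if answer == landing_ip:
            # Normalise case and trailing dot so one domain is counted once
            hits[client][qname.lower().rstrip(".")] += 1
    return {client: dict(domains) for client, domains in hits.items()}


def triage_order(hits):
    """Rank clients by total rerouted lookups, highest first.

    Repeated hits at regular intervals suggest software on the machine retrying
    on its own, rather than one person clicking one bad link.
    """
    totals = {client: sum(domains.values()) for client, domains in hits.items()}
    return sorted(totals.items(), key=lambda kv: (-kv[1], kv[0]))


if __name__ == "__main__":
    for client, total in triage_order(rerouted_clients(SAMPLE_LOG)):
        print(client, total)
```

Cross-referencing the top-ranked hosts against the installed-software reports from the Software item helps tie a rerouted lookup back to the program that made it.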