YOUR DATA UNDER SIEGE: GUARD THE GAPS WITH PATCH MANAGEMENT. With Kaspersky, now you can. kaspersky.com/business Be Ready for What s Next

Similar documents
IT & DATA SECURITY BREACH PREVENTION

THE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION BREACH & ATTACK SIMULATION

PCI DSS v3.2 Mapping 1.4. Kaspersky Endpoint Security. Kaspersky Enterprise Cybersecurity

ENDPOINT SECURITY WHITE PAPER. Endpoint Security and the Case For Automated Sandboxing

Machine-Powered Learning for People-Centered Security

SMASHING THE TOP 7 VIRTUALIZATION SECURITY MYTHS

CA Security Management

eguide: Designing a Continuous Response Architecture 5 Steps to Reduce the Complexity of PCI Security Assessments

Getting over Ransomware - Plan your Strategy for more Advanced Threats

The SANS Institute Top 20 Critical Security Controls. Compliance Guide

Device Discovery for Vulnerability Assessment: Automating the Handoff

9 Steps to Protect Against Ransomware

Best Practices in Securing a Multicloud World

Symantec Endpoint Protection 14

Paper. Delivering Strong Security in a Hyperconverged Data Center Environment

Ransomware piercing the anti-virus bubble

TREND MICRO SMART PROTECTION SUITES

Kaspersky Security Network

The 2017 State of Endpoint Security Risk

CYBER SECURITY. formerly Wick Hill DOCUMENT* PRESENTED BY I nuvias.com/cybersecurity I

with Advanced Protection

IBM Security Network Protection Solutions

10 BENEFITS THAT ONLY AN INTEGRATED PLATFORM SECURITY SOLUTION CAN BRING

Massive Attack WannaCry Update and Prevention. Eric Kwok KL.CSE

Carbon Black PCI Compliance Mapping Checklist

The Value of Automated Penetration Testing White Paper

5 Trends That Will Impact Your IT Planning in Layered Security. Executive Brief

ENDPOINT SECURITY FOR BUSINESS: TECHNOLOGY IN ACTION

Kaspersky Security. The Power to Protect Your Organization

Protect Your Endpoint, Keep Your Business Safe. White Paper. Exosphere, Inc. getexosphere.com

IBM Global Technology Services Provide around-the-clock expertise and protect against Internet threats.

ForeScout Extended Module for Splunk

Borderless security engineered for your elastic hybrid cloud. Kaspersky Hybrid Cloud Security. #truecybersecurity

A GUIDE TO CYBERSECURITY METRICS YOUR VENDORS (AND YOU) SHOULD BE WATCHING

Tips for Effective Patch Management. A Wanstor Guide

TREND MICRO SMART PROTECTION SUITES

Advanced Threat Defense Certification Testing Report. Symantec Corporation Symantec Advanced Threat Protection

THE RISE OF GLOBAL THREAT INTELLIGENCE

Global security intelligence. YoUR DAtA UnDeR siege: DeFenD it with encryption. #enterprisesec kaspersky.com/enterprise

Automating the Top 20 CIS Critical Security Controls

Transforming Security from Defense in Depth to Comprehensive Security Assurance

Clearing the Path to Micro-Segmentation. A Strategy Guide for Implementing Micro- Segmentation in Hybrid Clouds

STAY ONE STEP AHEAD OF THE CRIMINAL MIND. F-Secure Rapid Detection & Response

The SD-WAN security guide

Introducing KASPERSKY ENDPOINT SECURITY FOR BUSINESS

RANSOMWARE PROTECTION. A Best Practices Approach to Securing Your Enterprise

VIETNAM CYBER-SAVVINESS REPORT 2015 CYBERSECURITY: USER KNOWLEDGE, BEHAVIOUR AND ATTITUDES IN VIETNAM

Security Automation Best Practices

NetWitness Overview. Copyright 2011 EMC Corporation. All rights reserved.

AND FINANCIAL CYBER FRAUD INSTITUTIONS FROM. Solution Brief PROTECTING BANKING

Security and Compliance for Office 365

SECURITY AUTOMATION BEST PRACTICES. A Guide to Making Your Security Team Successful with Automation

HOSTED SECURITY SERVICES

Data Retrieval Firm Boosts Productivity while Protecting Customer Data

Service Provider View of Cyber Security. July 2017

TOP 10 IT SECURITY ACTIONS TO PROTECT INTERNET-CONNECTED NETWORKS AND INFORMATION

McAfee Complete Endpoint Threat Protection Advanced threat protection for sophisticated attacks

ForeScout CounterACT. Continuous Monitoring and Mitigation. Real-time Visibility. Network Access Control. Endpoint Compliance.

Securing Dynamic Data Centers. Muhammad Wajahat Rajab, Pre-Sales Consultant Trend Micro, Pakistan &

FIREWALL BEST PRACTICES TO BLOCK

Zero Trust on the Endpoint. Extending the Zero Trust Model from Network to Endpoint with Advanced Endpoint Protection

2018 Edition. Security and Compliance for Office 365

ISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002

10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS

THREAT REPORT Medical Devices

CYBER SECURITY: Layered Approach

IBM Security Systems. IBM X-Force 2012 & CISO Survey. Cyber Security Threat Landscape IBM Corporation IBM Corporation

Data Sheet: Endpoint Security Symantec Multi-tier Protection Trusted protection for endpoints and messaging environments

Meeting PCI DSS 3.2 Compliance with RiskSense Solutions

KASPERSKY FRAUD PREVENTION FOR ENDPOINTS

What is Penetration Testing?

Symantec Protection Suite Add-On for Hosted Security

SECURITY AUTOMATION BEST PRACTICES. A Guide on Making Your Security Team Successful with Automation SECURITY AUTOMATION BEST PRACTICES - 1

This Online Gaming Company Didn t Want to Roll the Dice on Security That s Why it Worked with BlackBerry

IPLocks Vulnerability Assessment: A Database Assessment Solution

Changing face of endpoint security

Defend Against the Unknown

GUIDE. MetaDefender Kiosk Deployment Guide

Combating Cyber Risk in the Supply Chain

IP Risk Assessment & Loss Prevention By Priya Kanduri Happiest Minds, Security Services Practice

Symantec Endpoint Protection

Power of the Threat Detection Trinity

Continuously Discover and Eliminate Security Risk in Production Apps

Security-as-a-Service: The Future of Security Management

8 Must Have. Features for Risk-Based Vulnerability Management and More

AZURE CLOUD SECURITY GUIDE: 6 BEST PRACTICES. To Secure Azure and Hybrid Cloud Environments

Preparing your network for the next wave of innovation

Micro Focus Desktop Containers

Gain Control Over Your Cloud Use with Cisco Cloud Consumption Professional Services

How to measure your SOC efficiency: the Devil is in details

Panda Security 2010 Page 1

Mobile County Public School System Builds a More Secure Future with AMP for Endpoints

Threat Centric Vulnerability Management

ENTERPRISE ENDPOINT COMPARATIVE REPORT

How NOT To Get Hacked

Comodo Unknown File Hunter Software Version 2.1

Mastering The Endpoint

Protect Your End-of-Life Windows Server 2003 Operating System

A Strategic Approach to Industrial CyberSecurity. Kaspersky Industrial CyberSecurity

Evolution of Spear Phishing. White Paper

Transcription:

YOUR DATA UNDER SIEGE: GUARD THE GAPS WITH PATCH MANAGEMENT. With Kaspersky, now you can. kaspersky.com/business Be Ready for What s Next

Your Data Under Siege: Guard the Gaps with Patch Management 1.0 Until recently, most businesses took a traditional, perimeterbased approach to information security. The thinking was: If we build a wall high enough, nothing will get in. That was fine until cyber criminals started looking for unguarded cracks in the masonry, forging counterfeit keys for the padlocks and tricking the guards into letting them in. Today s threat landscape is more than any traditional, anti-virus-only security strategy can handle. There s simply too much going on. Between 1992 and 2007, Kaspersky Lab identified approximately two million unique malicious programs. By 2009, that figure increased to 33.9 million and 2010 hit a new record, as 1.5 billion malware incidents were recorded; more than a third of them browser-based. By 2012, Kaspersky Lab experts were detecting an average of 200,000 new malicious programs every single day. No wonder only 31 percent of IT specialists had heard of the most widespread threats in 2012! 1 There s so much out there, you can t possibly keep track of every threat. Even the U.S. National Security Agency has shifted its stance to one that assumes a breach. 2 The reality for business is that the weakest link in the security chain is already sitting on their systems or sitting in front of them. Say hello to your applications. Their vulnerabilities, in the hands of the all-too-human end users who download and launch them, make applications one of the biggest threats to your business s information security today. This risk is compounded by the complexity of your IT infrastructure and a constantly evolving threat landscape. If you don t know what you ve got, how can you secure it? Third party applications accounted for a massive 87 percent of vulnerabilities in 2012. 3 That same year, Kaspersky Lab recorded more than 132 million applications at risk. Given that the average user has about 72 programs installed on his/her machine 4, tracking, finding, patching and blocking these vulnerabilities is no small task. If you don t find them, it s safe to say that the criminals will; all five of the major vulnerabilities found in Java in 2012 were actively exploited by criminals. 5 In 2010, weaknesses in Microsoft Office were among the most frequently exploited. Criminals never stop looking for ways into your systems. 1. Global IT Security Risks Report, Kaspersky Lab, 2012 2. U.S. Code Cracking Agency Works as if Compromised, Reuters News, December 16, 2010 3. Secunia Vulnerability Review, March 14, 2013 4. Secunia Vulnerability Review, March 14, 2013 5. Evaluating the Threat Level of Software Vulnerabilities, Kaspersky Lab, 2013 2

Almost every program has vulnerabilities, but you d be wrong to assume that Microsoft applications account for most of them. As this pie chart illustrates, the most susceptible applications have two things in common: they re widely used and they re third party applications. Focus solely on patching Microsoft OS and programs, and you re only covering a small fraction of potential threats. Managing and administering software updates while constantly monitoring for potential vulnerabilities is one of the most important, challenging and resource-intensive tasks faced by an IT department. So where do you begin? How can you find out which programs are installed on which endpoints? And which of these contain vulnerabilities? Did all the updates you sent out last week go to all the endpoints they were supposed to? Did any of your users switch off before the update process was completed? Will the patches and updates for a particular piece of software affect the functionality of others? Is there some way you can test these things? How do you know which vulnerabilities are the most critical? Can you schedule less important updates for after hours? If you re running systems management technology with automated vulnerability scanning and patch management, the answer to all of these questions (and a lot more) is Yes. Managing and administering software updates while constantly monitoring for potential vulnerabilities is one of the most important, challenging and resourceintensive tasks faced by an IT department. With criminals repeatedly scanning systems for any sign of weakness, it s vital that IT administrators can find and fix gaps in security before they re exploited. The first step in achieving this goal is to establish exactly what software and which version is sitting on your systems. These inventory checks are often so complex and demanding that IT departments avoid them, reducing the effectiveness of any vulnerability scanning and patching initiative. You need a systems management solution to automatically perform this for you, compiling an up-to-date picture of the software and hardware landscape you re responsible for. 3

What browser versions are people using? Are employees running software you don t want them to use? Have people added devices such as smart phones to the network without permission? It s important to monitor all these factors if you want to keep your system safe. The first vulnerability scan you perform is likely to reveal a grim picture. If you keep tight controls over user administration rights on endpoints, expect to see near-obsolete software and versions of software that many employees are reluctant to upgrade because they just work. Another key benefit of the inventory process is its ability to highlight the presence of legacy software on your systems. These outdated applications can represent a significant threat, sitting on your systems, unknown and unpatched, just waiting for a targeted attack that s likely to go undetected in organizations where no one even remembers the software is there. While an overwhelming majority of popular vulnerabilities were detected in 2011 and 2012, Kaspersky Lab research has found that almost two-thirds of discovered software flaws were found in programs released in 2010 or earlier, reinforcing the need to get an accurate inventory of your system s software. The first vulnerability scan you perform is likely to reveal a grim picture. If you keep tight controls over user administration rights on endpoints, expect to see near-obsolete software and versions of software that many employees are reluctant to upgrade because they just work. Don t worry. You ve discovered some of the most vulnerable points you (and the criminals) are searching for and you are experiencing a typical problem: According to Kaspersky Lab research, more than 70 percent of users of the most vulnerable programs (Abode Reader, Flash and Java) are highly reluctant to update. In fact, seven weeks after Oracle released a new version of Java, fewer than 30 percent of users had upgraded. Major Web browser updates take about a week to reach the same uptake levels. Some of the vulnerabilities Kaspersky Lab has uncovered on endpoints were first identified as long ago as 2003. There was a patch available, it just hadn t been installed. With system management technology, detailed information on vulnerabilities is gathered, analyzed, assessed, and then automatic fixes are scheduled based on whether the risk is Critical, High or Warning. Choose a solution that can evaluate the vulnerability status of your network and generate reports that either show individual endpoints by severity of weakness or allow you to click on the vulnerability name in an aggregated table to view a list of all affected endpoints. Automating updates and patching is important, but you also need to manage how those updates work with your other security tools, such as antivirus and application controls, as well as other applications. One vendor s patch can sometimes wreak havoc with another piece of software. Sometimes patches are released too soon, before dependencies and other issues have been resolved, creating conflicts and limiting the functionality of other software. Web-based applications, in particular, can be susceptible to this scripting tools that operate only with specific browser versions or applications that have complicated Java dependencies, for example. The right solution will make it easy for administrators to test deployments prior to implementation. You should be able to do this on selected individual endpoints, specified groups, or even a set percentage of randomly chosen computers within a specified group likely to be affected. Issues discovered should be manually excluded from the overall patch process. 4

Effective strategy 2.0 Vulnerability scanning, implemented in tandem with an effective patch management strategy, can help you to keep one step ahead of criminal hackers. An effective strategy should take care of that for you. Keep up to date: Outdated software creates weak spots across your business, whether it s on your servers or at the endpoint. Use automated, regularly-scheduled vulnerability scans to keep you abreast of weak points, allowing you to automate the implementation of patches and fixes. Automate: Effective patch management improves reliability and IT efficiency. By automating the deployment of software updates and the administrative tasks that go with it, the right technology helps minimize downtime associated with patch deployment, auditing and roll-back. Roll back the clock: Updates/installations don t always run smoothly. Sometimes, patches can cause instability or are incompatible with other software or drivers on your machines. Your security technology should address this issue simply. The Kaspersky solution includes integrated image/provisioning functionality, making it easy to roll back to a fullyfunctioning, optimized system. Gain complete visibility: By automating scanning, you ll have complete visibility into the current state of patching and updates on all machines. Prioritize: Comparing the results of your scans against multiple vulnerability databases will help you to gain an understanding of the risks associated with any vulnerability. In addition to Microsoft Windows Server Update Services (WSUS) and Secunia Vulnerability Database, Kaspersky Lab s dedicated Security Network (KSN) works in tandem with vendors and millions of users globally to ensure the most detailed, up-to-date information on software and vulnerabilities is available. Over one million files are added each day. Based on this intelligence, you can prioritize patching, rolling out less urgent fixes after hours and spreading the load on your network. 5

Implement Dynamic Whitelisting: Integrated, dynamic whitelisting functionality boosts vulnerability scanning and patch management through the addition of an extra layer of security: application control. Because today s safe application is tomorrow s threat that needs to be patched, isolated or blocked. Conduct deep analysis of each new threat: Instead of the usual just block it approach, every detected threat is analyzed to understand the initial intention of attack. From heuristic and signature-based analysis to source detection and reputational analysis, everything is compared against Kaspersky s real-time Security Network (KSN), which detects and analyzes millions of threats globally each day. This gives you a more risk-aware, agile security posture. Report: Accurate, up-to-date and detailed information is a vital part of any security and risk management strategy. By running reports on your scans, you add another layer of insight allowing you to examine and report on potential weak spots, spotting and tracking changes and also giving detailed insight into the patch status of every device and system on your network. Targeted attacks, advanced persistent threats, automated attacks and zero-day vulnerabilities all shrink the time between vulnerability discovery and the creation of an exploit. By automating and scheduling regular scans and patch implementation, IT administrators can streamline their patching and vulnerability scanning processes without compromising on their effectiveness. 6

Vulnerability scanning and patch management: part of a wider systems management approach As IT professionals struggle to do more with dwindling resources and budgets, there s a danger that complete visibility and control over business networks will be lost as administrators are forced to focus on urgent issues, often to the detriment of essential, yet mundane, tasks. Vulnerability scanning and patch management form two components of a wider systems management approach to IT security. By integrating key functionality such as dynamic whitelisting, application control, vulnerability scanning and patch management with complementary technologies such as inventory management, imaging/provisioning and network admission control (NAC), Kaspersky Lab is able to deliver a level of security far greater than the sum of its parts. Add in the vital, full-featured spectrum of antivirus, anti-spam, web controls, and anti-spyware technologies, and you can not only see where the vulnerabilities in your systems lie, but control and protect them too. As IT professionals struggle to do more with dwindling resources and budgets, there s a danger that complete visibility and control over business networks will be lost as administrators are forced to focus on urgent issues, often to the detriment of essential, yet mundane, tasks. By centralizing and automating many essential configuration and management tasks, IT administrators can not only save themselves time, but money too. Effective systems management, driven by centralized configuration, vulnerability scanning and patch management tools, supports many of the best practices that optimize IT resources while enforcing your company-specific policies. About Kaspersky Kaspersky Lab is the world s largest privately held vendor of endpoint protection solutions. The company is ranked among the world s top four vendors of security solutions for endpoint users*. Throughout its more than 16-year history Kaspersky Lab has remained an innovator in IT security and provides effective digital security solutions for large enterprises, SMBs and consumers. With its holding company registered in the United Kingdom, Kaspersky Lab operates in almost 200 countries and territories worldwide, providing protection for over 300 million users worldwide. Kaspersky Systems Management is a component of Kaspersky Endpoint Security for Business. Combining award-winning anti malware, IT policy enforcement tools, centralized management and cloud-assisted protection, Kaspersky s business security products are the right choice for your organization. *The company was rated fourth in the IDC rating Worldwide Endpoint Security Revenue by Vendor, 2012. The rating was published in the IDC report Worldwide Endpoint Security 2013-2017 Forecast and 2012 Vendor Shares (IDC #242618, August 2013). The report ranked software vendors according to earnings from sales of endpoint security solutions in 2012. Call Kaspersky today at 866-563-3099 or email us at corporatesales@kaspersky.com, to learn more about Kaspersky Endpoint Security for Business. kaspersky.com/business SEE IT. CONTROL IT. PROTECT IT. With Kaspersky Lab, now you can. 2014 Kaspersky Lab ZAO. All rights reserved. Registered trademarks and service marks are the property of their respective owners. 7

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback