2010, Mar 12
How some Asian organizations dealt with 2009 data security threats
How some Asian organizations dealt with 2009 data security threats
By Victor Ng | Feb 4, 2010
0 comments
Facebook
Delicious
Digg
Email
PrintThumbnail:
With the rise of polymorphic threats (where every instance of the malware is slightly different from the one before it) and the explosion of unique malware variants in 2009, Asian enterprises are realizing that traditional approaches to antivirus are not enough to protect against today’s threats.
Symantec Endpoint Protection (SEP) 11.0 is a comprehensive endpoint security solution that offers users with essential security technologies for laptops, desktops and servers via a single agent and a central management console, to provide protection against even the most sophisticated attacks that evade traditional security measures, such as rootkits, zero-day attacks, and mutating spyware.
With the increasing mobility of the Asian workforce, enterprises need to ensure that employees not working within the corporate environment are also taking the right precautions to prevent the loss of confidential data wherever it is stored or used.
SEP 11.0 and its accompanying module, Symantec Network Access Control (SNAC) 11.0, can prevent sensitive and confidential data from being extracted or stolen from the endpoints. The solutions have the ability to lock down endpoints to prevent connections with thumb drives, CD burners, printers, and other USB devices. The software also prevents the endpoints from being infected by viruses spread from peripheral devices.
St. James' Settlement, a non-governmental organization (NGO) based in Hong Kong, implemented SEP to secure data on its 700 client workstations. Terry Lau, the organization’s IT manager, summed it up this way: "Symantec Endpoint Protection is saving our central IT team around 8 hours a week – which is a huge benefit for a staff of three people."
One SEP feature they are happiest with is the device control functionality, which helps to further improve security. St James' Settlement's IT group has written specific rules that limit which peripherals can connect to machines with access to particularly sensitive data, such as the workstations in the family counseling department.
"It is very important for us to protect the privacy of client data," said Lau. "We use the device control feature of Symantec Endpoint Protection to block some workstations from saving to external USB storage devices. Businesses in Hong Kong frequently suffer security breaches because of USB devices, so we have removed that risk."
Another customer, Energy Market Company (EMC), the operator of Singapore's wholesale electricity market, was concerned about the uncertainty over potentially infected endpoints and their impact on the rest of EMC's network.
James Ng, vice-president of information technology at EMC, chose to automate the detection and isolation of infected endpoints using Symantec Endpoint Protection and Symantec Network Access Control. The infrastructure now denies a connection to any noncompliant device that attempts to connect to the network.
An infected endpoint on EMC's network is automatically isolated in seconds. "The user can't do anything on the infected PC," Ng said. "In the past, the user may not have called us, and the infected PC could have gone unnoticed. With this system in place, there is consistency in the way we detect and remediate problems."
