Promisec Unveils Best Practices To Combat SME Security Threats
August 30, 2007 (PRLEAP.COM) Technology NewsPromisec™ Inc., a technology leader in clientless endpoint security management with the industry’s first agentless monitoring and remediation solution that supports layered internal security management, today issued network security best practices for use by small and medium enterprises (SMEs).
SMEs Need to Address Internal Threats, Leverage Automation To Ensure Highest Levels of Security and Threat Mitigation
SMEs face a different set of security challenges than enterprises and must adapt security policies and practices accordingly to avoid costly intrusions and that can cripple or substantially harm the company.
According to Promisec, SMEs face unique security challenges by having to protect against many of the same threats as enterprise customers but without the IT staff, budget and experience utilized by larger IT departments. The limited IT security resources place a higher burden on SMEs to develop a comprehensive security policy that can be automated by leveraging available technology instead of relying on human monitoring to identify and correct security problems.
“SMEs have just as much at risk from security breaches but they are more susceptible to these lapses because of limited human resources and lack of experience in understanding the nature of new security threats. They also have substantially less financial and technical resources than enterprises have access to in building their corporate security infrastructures,” said Amir Kotler, CEO of Promisec. “Promisec understands the challenges facing the SME and we offer our own expertise and experience to help them deploy a strong, proactive security strategy built around the simple but powerful agentless architecture of Spectator™ Professional endpoint security management technology.”
While SMEs need to be on guard against external threats that can penetrate a network and compromise company data, the more serious threats are likely to be internal. A recent Gartner Inc. survey showed that 80 percent of security threats originate within the network, rendering defenses running on network gateways completely ineffective.
Internal threats come from a variety of sources, some intentional and some innocent, such as installing unauthorized applications, disabling or failing to update installed security software, firewalls or proxies to prevent emails with malicious attachments and keystroke loggers. Perhaps the most publicized threat today is the use of unapproved storage media, such as CDs, DVDs, USB storage devices, infrared, modems and WiFi. These devices can be twice as dangerous with the ability to not only introduce security threats such as malware and viruses onto a previously secure network, but also download and remove sensitive company data.
To minimize or eliminate these security threats, Promisec recommends these security practices for SMEs:
• Develop written guidelines to establish company-wide security policies
These policies will clarify safe practices for all employees to minimize the potential for internal threats coming from employee ignorance of the potential threats.
• Deploy a Layered Security Infrastructure
Different threats require different security tools, ranging from anti-virus and anti-spyware software to firewalls and IPS devices. To be truly effective, an SME data protection solution must encompass a variety of these tools to protect against the diversity of security threats.
• Automate the Security System
Given the IT budget constraints of most SMEs, it is unrealistic to expect them to have a dedicated network security administrator to monitor and respond to security threats. Instead, SMEs need to automate the system with a security tool, such as Promisec’s Spectator Professional, that universally monitors and remediates all security software as well as their associated processes and services.
• Review and Refine the Security Baseline
After reviewing the threat and remediation reports from Spectator, SME security polices should be updated and strengthened where needed to address the most serious threats.
Spectator Professional is Promisec’s answer to SME’s internal network security, providing organizations with a complete security solution that protects against threats originating within the internal network, caused by an organization’s own users or other insiders. The solution is a software-only solution that is normally installed on an administrator’s desktop or on a dedicated server. With detection, repair, prevention and monitoring modules, Spectator Professional delivers a comprehensive solution to manage security and compliance on all organization network endpoints and servers. It identifies threats that have bypassed gateway security systems and embedded themselves in the network - rogue access points, modems or any other peripheral device added to any network endpoint or server, and unauthorized processes or applications. It then remediates the threats before they can cause a security breach. Spectator Professional also continuously inspects each and every endpoint and server in the network to ensure compliance with company policy and with applicable regulatory statutes.
Visit the Promisec Website to learn how to improve SME endpoint security at http://www.promisec.com. Promisec Spectator Professional is available through resellers across the United States.
Promisec, Ltd. is an award-winning technology leader in agentless endpoint security management software. The company offers industry proven internal network security solutions in use by Global 2000 organizations, including AGF, AmeriQuest and Comverse. The company’s flagship product, Promisec Spectator Professional, protects against business disruption from internal network threats with the only agentless endpoint security management software to deliver both monitoring and remediation and the ability to manage third-party security products for a layered approach to corporate network security. Privately held and founded in 2004, Promisec’s main headquarters are located in Israel with offices in New York, London and Paris. The company’s U.S. headquarters are located at 461 Fifth Avenue, 8th Floor in New York City, NY 10017. Visit the Promisec Web site at www.promisec.com .
Promisec, the Promisec logo and Spectator Professional are trademarks or registered trademarks of Promisec, Ltd. All other product and brand names mentioned in this document are trademarks or registered trademarks of their respective owners.