Information security is like a foreign language to most people. Larger organizations have IT and security administrators fluent in security-speak to sort it all out and make sure everything is properly protected, but managers in smaller organizations are left to translate this lingo on their own.
When small companies start out, they generally just wing it. But eventually the company grows, and someone is assigned the role of managing IT and making sure it is secure. If you are that person in your organization, it would be helpful to understand the basic risks and threats you’ll encounter and some of the tools at your disposal. This security primer will put you on the right path.
Risks and Threats
First you need to understand what you’re up against. Two primary threats face your PCs and data: malware and hackers.
Malware is a broad term that applies to all kinds of malicious software. Viruses, worms, and Trojans are all types of malware with unique behaviors and methods of distribution. Spyware—including keyloggers, which record everything typed on the keyboard—also falls under the malware umbrella.
Hackers—or attackers—are unauthorized users seeking to infiltrate your network and exploit your PCs. Attackers may be lurking online at public Wi-Fi hotspots, waiting to intercept unencrypted data, or they may actively hunt for weak spots in your security that allow them to gain access to your systems.
Phishing scams are a third primary threat that falls somewhere between the two described above. Phishing scams involve some sort of lure designed to trick users into doing something—usually opening a file attachment or clicking on a link. The file attachment or link generally contains malware of some sort that subsequently infects or compromises the system.
The good news is that you are not defenseless against these threats. There are security tools available to detect and block attacks and prevent your systems from being infected or compromised.
Antivirus software monitors the files and network traffic on your endpoint PCs to identify viruses, worms, and Trojans and prevent them from executing. The word antivirus is a bit of a misnomer since this type of software defends against a broad range of malware, not just viruses.
Antivirus tools rely primarily on the unique signatures of known malware variants for detection, but most are also capable of identifying unknown malware based on specific suspicious behaviors common in malicious software.
Antispyware performs essentially the same role, but it looks for keyloggers and other malicious software that attempts to capture information and monitor activity on the target system. Antispyware prevents sensitive information from being intercepted and compromised.
A firewall is a line of network defense that prevents unauthorized traffic from entering your endpoint PCs. Most PCs have no need for inbound traffic other than data the PC has specifically requested, and the firewall works to make sure that only legitimately requested data enters the system.
For any malware, spyware, or other malicious activity that makes it past the defenses and onto the PC, there is host intrusion prevention, which monitors the activity on the computer itself to identify and put a halt to any suspicious or malicious activity.
Information security is not as complicated as it sounds, but it can still be a challenge—especially for smaller organizations. You can get comprehensive protection in one package, though, using Symantec Endpoint Protection.
Symantec Endpoint Protection includes state-of-the-art antivirus, antispyware, personal firewall, and host intrusion prevention tools in one package. All of the security tools run on a single engine, providing in-depth protection while minimizing the impact on system performance.
Symantec Endpoint Protection simplifies the task of protecting your PCs and lets you focus on your business with confidence—even if you find information security confusing.
This story, "Strategic Security Primer for the C-Level" was originally published by BrandPost.