Today’s computing environment sees devices connecting to a variety of services across public networks; interacting with a variety of files, attachments, and applications; and doing all of this continuously in a mobile environment potentially untrusted. Factor in hundreds or thousands of employees all using one or more devices and you quickly realize that the old way of inventorying malware signatures is virtually useless. Just look at the RSA breach, Flame, Stuxnet, Duqu and other highly publicized advanced persistent threats (APT). They make the more than 75 million malware signatures registered last year seem irrelevant because they were totally unknown before they wreaked their havoc.
That’s largely because it only takes one—just one—zero-day threat to get past antivirus software from McAfee, Symantec or other companies. That’s all it took for RSA, Google and Sony to be hit, and it will take only one threat to disrupt your company, too. Once an APT is inside your network, it takes less than 15 minutes—a mere 900 seconds—for the bad guys to snatch your intellectual property and along with it your company’s brand equity, customer trust and competitive advantage.
This isn’t a future scenario; it’s happening right now, with most of these threats arriving on corporate laptops and desktops and then moving laterally to your servers. Most of these breaches happen silently in the background—quietly, that is, until a third-party service or device alerts you to the problem. By then, there could have been years of malicious activity happening in your environment. Many of these breaches are happening easily, juking around antivirus until they reach your servers.
The main problem is how organizations approach defense. Antivirus vendors essentially take an innocent-until-proven-guilty approach, by developing extensive lists of already-identified malware. They know a given piece of software is bad because it’s already successfully infected systems. Doesn’t it make more sense to keep your assets safe by only allowing trusted software to run on your endpoints and servers?
Think of this as an “untrusted-until-proven-trusted” approach to software security. This is similar to how you would feel if a complete stranger knocked on your door looking to enter your home. You probably wouldn’t throw open the door and offer them a snack. But if you saw your best friend standing next to this stranger, then that unknown person would become someone you trust because you know who they’re with. It’s the same with software. IT puts a policy in place to prevent untrusted software from running on your network. But if a user tries to download a previously unseen piece of software that comes from a trusted publisher, e.g., Microsoft, then that new software is trusted because your policy allows software from trusted publishers to run. It’s as simple as that.
Bit9 is pleased to introduce version 7.0 of our trust-based solution that delivers three industry-first breakthroughs.
- The FIRST security solution that delivers both IT- and cloud-driven trust, resulting in up to 40 percent less administrative effort and end-user impact.
- The FIRST trust-based security solution optimized for virtualized desktops and servers to deliver the highest level of security for virtualized environments.
- The FIRST trust-based security solution with the scalability and integrations to meet the needs of the largest enterprises as well as small businesses.
The enhanced server security capabilities in version 7.0 provide a single trust-based security solution for application control across all enterprise systems—servers, desktops and laptops. These firsts and enhancements combine to provide you with 21st century protection against 21st century threats.
We’re more than a little excited about all of these industry firsts and we hope you are, too. To learn more about how Bit9 is driving IT security forward, click here.