New Security Malware Tips and Ways to Analyze Risk

Officials from Microsoft Corp. recently discussed ways they are trying to make its operating systems more efficient in stopping security attacks. In other news, Webroot Software, Inc. has released a white paper that provides tips on improving security against Malware, while officials from start-up Athena Security, Inc. announced new tools to find risks associated with network architectures.

Focal Points:

• An executive from Microsoft, speaking at a recent security conference, described how the company is working to enhance product security. Among some of the actions the company is taking are application white listing and a more thorough use of code signing. While executives are happy with some of its current security improvements, including user account control (UAC), they are looking for ways to further automate security processes, as well as making them less invasive for users. Microsoft officials stated they have collected data from over one million Vista systems, where the majority to not use UAC prompts. Adding techniques such as white listing should make it easier for end users to run safe programs and prevent the running of unwanted ones.
• Officials from Webroot recently published a white paper that is designed to help IT shops protect the enterprise against infections related to malware. The author estimated that malicious programs that were generated through 2007 numbered over five million. The company's research team has measured over 1000 new malware variants in a single day. The author identified the four biggest actions engineers can take to prevent falling victim to malware. Two are staying current with adhering to the latest compliance standards; and implementing the latest anti-virus and anti-spyware products. Experton Group suggests using multiple versions, since none cover 100 percent of known threats.  The other two actions are blocking spam (when possible) at the network perimeter and proactive security education of employees and IT staff. Experton Group believes proactive education is the most critical of these actions, since technology improperly used will only give a false sense of security.
• Executives at Athena Security recently unveiled its new software that is geared towards showing IT professionals the risks with existing enterprise network configurations. Its product, AthenaVerify, is designed to check network architectures for soundness, assessing their risk to both internal and external threats. Some of the items checked against best practices include those from the IT Infrastructure Library (ITIL), the National Institute of Standards and Technology (NIST), the National Security Agency (NSA), and the SysAdmin Audit Network and Security (SANS) Institute.

Experton Group believes security threats will increase in frequency, number of vectors they pursue, and the layers of IT infrastructure that are affected. Not only will the number of people doing attacks increase, but new open, loosely coupled architectures, such as service-oriented architectures (SOAs), will only make the problems worse. IT executives should implement proactive security education programs, such that security awareness and prevention is built into the entire IT infrastructure and application development lifecycle.