Cybercrime Countermeasures: Essentials for the IT Pro's Toolbox

From sticky-fingered employees to Web-based malware and vulnerable VPNs, security threats lurk. Here's how to fight back.

By Rich Freeman

Like rust, cybercrime never sleeps. Indeed, though businesses have spent billions of dollars and countless hours shoring up their IT defenses, security threats continue to proliferate. "We're seeing more and more malware attacks than ever before," says Adam Hils, a principal research analyst and SMB security expert at Gartner Inc.

Worse yet, many of your clients are probably at risk. According to Hils, most SMBs figure that a desktop anti-virus program, a network firewall, and perhaps some Web filtering software are all the protection they need. In truth, however, fending off today's continually evolving array of often fiendishly clever exploits requires more sophisticated tools and techniques.

And that's where you come in. Here's a look at some of the latest and most menacing security trends--and the countermeasures you can use to keep your customers safe.

THE INSIDER THREAT
Today's brutal economy is driving up layoffs, leaving businesses even more vulnerable than usual to disgruntled employees making off with confidential information. "It's a universal problem," warns JG Chirapurath, director of identity and security at Redmond, Wash.-based Microsoft Corp. Chirapurath advises channel pros to help their clients develop an end-to-end data loss prevention strategy that includes digital rights management (DRM) software. DRM systems can prevent outgoing staffers from viewing, emailing, or copying sensitive files.

Activity monitoring solutions offer further protection from sticky-fingered employees with pink slips. Available from vendors such as Imperva Inc. and Application Security Inc., these products enable managers to keep a close eye on who is accessing what on their network.

THE OUTSIDER THREAT
Employees aren't the only ones showing heightened interest in restricted data lately. Business rivals are increasingly taking uninvited peeks at marketing plans, customer records, and product designs too. "The market is dog-eat-dog. As companies are fighting to stay alive [they] will go to any extreme to get the goods on their competitors," observes Bradley Dinerman, a security specialist and president of Fieldbrook Solutions LLC, an IT consultancy in Ashland, Mass.

Identity and access management applications and intrusion detection products can help safeguard your clients' networks, but many SMBs find them too pricey. Strong, or "two-factor," authentication technologies from providers such as Aladdin Knowledge Systems Ltd. present a more affordable-though less comprehensive-alternative. Using tokens and biometrics, such systems help ensure that only authorized persons gain access to network resources.

Security policy management solutions from companies such as Tufin Software Technologies Ltd. and AlgoSec Inc. are another reasonably priced way to keep outsiders out. Such products help you cleanse a client's firewall of unused or redundant rules that intruders can use to sneak onto a network.

Page 1 2 3 Next »