Frequently Asked Questions: Why You Need Multi-Layer Protection
Viruses have given way to targeted attacks designed to exploit any and all vulnerabilities within an enterprise. Attacks can come from anywhere at any time, directed at your weakest points, including email accounts, commonly used websites, social media and mobile devices, among others.
As the threat landscape has evolved and as organizations and users have incorporated new technologies that increase vulnerabilities, traditional approaches to protection are no longer valid.
Enterprises are finding that the only way to maximize protection is through a holistic approach to security. This should deploy a multi-layered solution built on a platform that utilizes advanced security intelligence to analyze and react quickly to changes in the threat landscape.
Why is multi-layer protection the only way to adequately safeguard the enterprise, and what are the key components of a multi-layer solution? Here are some of the questions you may be asking:
Q: Why a multi-layered approach?
A: Attacks have become increasingly coordinated and sophisticated, and attackers are very adept at exploiting vulnerabilities wherever they might exist. This could include taking advantage of vulnerabilities within your systems, lack of policies and controls, indiscriminate and unaware user behavior, and many more potential gaps too numerous to list here.
If you look at isolated approaches to protection—say, one solution for endpoints, another for Web, another for email, another for data protection—you are missing the opportunity to leverage the same intelligence across all of your solutions.
You are also missing the point in understanding how your organization might be hit by an attack: An attack may enter in one location and manifest itself in another. You want to ensure that you have a coordinated and integrated view of where you might be at risk, not just to prevent attacks but also to minimize their impact and assure that your systems and endpoints are quickly recoverable in the event of failure.
In addition to better protection, a multi-layer approach will also be much less expensive to deploy and will enable you to work with a single vendor and an integrated management platform. Having too many solutions from different vendors can actually make your enterprise less safe because it makes it harder to understand and analyze your vulnerabilities.
Symantec 2014 Internet Threat Report
Q: What is the role of security intelligence?
A: In today’s environment, it is absolutely essential that you use advanced security intelligence across all aspects of your security solution. Security intelligence can enable context-aware security management that can correlate data from endpoint, messaging and third-party security products to deliver early-warning alerts on new threats or changes to existing threats.
The resources and technologies that go into an advanced security intelligence solution are staggering, and you do your business a disservice if you don’t take advantage of them. For example, the industry-leading Symantec Global Intelligence Network is made up of more than 41.5 million attack sensors, recording thousands of events per second, with more than 2.5 trillion rows of security telemetry. Symantec Probe Network uses more than 5 million decoy accounts to capture spam, phishing and malware data. Beyond that, Symantec is able to gather intelligence from more than 8.4 billion monthly email messages, and more than 1.7 billion daily Web requests.
Q: In addition to security intelligence, what are the other components of a successful multi-layer security strategy?
A: A security intelligence solution will provide advanced threat detection, and a multi-layered integrated solution will give you the platform by which you can deploy that detection to protect your business. The goal is to manage your entire security infrastructure in an integrated manner with real-time, actionable intelligence protection across technologies. This includes an integrated approach to:
- Endpoint security
- Email and messaging systems
- Internet gateway and Web security
Your organization can save money and improve protection by working with a single vendor that offers centralized management so that these solutions can work together seamlessly and provide a simple and clear way to prioritize the work your IT or incident response teams need to complete. This will eliminate complexity, streamline processes and enable you to maximize the benefits of security intelligence across all of the areas where you may be vulnerable.