Do You Trust Old-School Security To Protect Your Users?

Binat 13.06.2019 פורסם ב: Home

Organizations still feel safe and trust old, traditional security, when they are really not even near being able to deal with modern threats. Firewall UTM is your savior? counting on Security information and event management (SIEM) to let you know?

Traditional layers of security we all have on our network, such as Firewall, Antivirus, Intrusion prevention and detection systems – more and more fail to secure and are simply no longer effective dealing with the modern malware threats which are built to easily penetrate through old security.

Organization Users, Apps and Networks, are constantly transformed to the Cloud, and are out of traditional security perimeters. Network borders are becoming irrelevant, old school solutions are simply not capable of providing security in this architecture, and will keep losing battles to today's threats. Someone once said it is like protecting your country only with a wall, not taking into account new threats such as air or sea attacks.

A few examples for scenarios where traditional security will very likely fail to protect:

INFECTIONS BY ENCRYPTED TRAFFIC

In the past few years, the majority of internet traffic became encrypted with SSL. Unencrypted web traffic is now less than half of internet traffic. Google, Facebook, YouTube, 365, Dropbox, Google Drive – all now run over SSL and this changes the way protection is to be made.

In order to scan encrypted traffic, you need to decrypt it. To decrypt it, you need resources… lots of it. Traditional Security is not built for decrypting 60% of passed through traffic, and with limited resources, they reduce loads by whitelisting destinations to save on resources. “Trusted” sites and CDNs will be the first to be bypassed.

INFECTIONS VISITING A "LEGITIMATE" SITE

Such infection is very common in the last few months. This method takes advantage of the fact that the site is supposedly clean and trusted, thus old school security does not scan this traffic, or fails to identify the specific module within the webpage page, which was hacked and contains the payload.

A firewall/UTM would obviously fail with access control, as outbound web traffic HTTP/HTTPS is permitted for users. DNS based solutions which are seen lately, will not be able to address this challenge either, as it relays on the site reputation and not its content.

INFECTIONS WHILE OUTSIDE CORP NETWORKS

This would be the biggest challenge for traditional security, as the user is outside the network, perhaps at home; perhaps letting his children use his work laptop.

Infecting in this case is easiest of all, as there is hardly any security system protecting the station. This is seen with Ransomware infections, which would explode on the local network when the user is back in office or connected via VPN.

DOWNLOADING A NEW/UNKNOWN/ZERO-DAY MALWARE

This method takes advantage of the fact that traditional security is using a database of file hashes when looking for malware; it does not scan the content. Such threats penetrate easily though FW and AV when the malware is unknown or just not “old” enough to be included in the latest update to all security appliances around the world.

If an organization is under a targeted attack (custom made), old security does not stand a chance to protect or event to detect.

GOT INFECTED?

In case of infection, how long does it take for IT to acknowledge they are compromised? Surveys claim nearly a year in average. Prevention is important, but it should be backed up with Detection and Response.

Visibility is key for identifying threats and threat patterns. Traditional solutions such as SIEM, are used for gathering logs but they are not really alerting IT about infections and their remediation, as they do create a lot of time consuming work for their complex management and non-focused, never-ending alerting. who’s monitoring the monitor?

CONCLUSION

In conclusion, Firewalls, AV, IDS, IPS and other old security layers are not enough to stop malware threats. Even monitoring these layers is no longer effective. A different way of thinking must be adopted.

Are you still relying exclusively on old school technologies to protect your organization?

To learn more about how we help fill these gaps and secure more efficiently, and to run a free security preview, click here.

שמור על המידע שלך בטוח
הירשמו עכשיו לבדיקת אבטחה לארגון חינם
להרשמה
אהבת את הכתבה? שתף עם אנשי מקצוע

למד עוד כיצד אנו מסייעים ללקוחותינו ברחבי העולם
לעשות צעד קדימה

מלא את הפרטים הבאים:





    ממליצים:

    Internet Binat is an excellent company with great products and outstanding support.The Network and Security Solutions supported by them are resilient, user friendly, secured with a low and affordable cost.Their support team always gives us high priority and attention
    Erez Greenbaum
    Erez Greenbaum
    08:11 10 Sep 19
    I am working side by side with Binat an several years, and was constantly amazed with their business insight and brilliant ways to solving problems.We was setup more the 15 MPLS line for our business around the world, which gave the company a significant advantage on top of the competitors.I really hope that our paths will not diverge in the future, and would recommend with all my heart working with Binat Internet and take advantage of their incredible and rare qualities.
    Alex Levin
    Alex Levin
    14:27 19 Aug 19
    Internet Binat is at the top of WAN services.Adama is working very closely with them for the last couple of years in some very challenging parts of the globe.Without the solutions they provide our job and normal user's productivity around the world would not have been possible.They are professional, committed and above all give superb service !Internet Binat can take you from planning board to execution with flying colors. Strongly recommend👍
    Roni Barzelai
    Roni Barzelai
    13:46 19 Aug 19
    We get the absolute pleasure of working with Binat Internet for the last 5 years.We are worked on challenging and innovative projects on a global scale.I believe that every organization that would work or interact with Binat Internet will benefit dramatically from that. I want to note the excellent technical round-the-clock support, especially the Israeli team. Team is ready to deal with difficult situations and solve the problems on time.Any of your problems will be solved ASAP.Will be happy to recommend Binat Internet every time, knowing the benefits and attitude they are bringing with them to every project.
    Valery Kucher
    Valery Kucher
    11:32 18 Aug 19
    The excellent company,High professional levelYou always can trust the technical people that help you in any situation.
    Igor Vinokur
    Igor Vinokur
    14:27 14 Aug 19