Intelligent CIO Middle East Issue 37 | Page 23

LATEST INTELLIGENCE details the core requirements to help you navigate your enterprise endpoint protection solution analysis, and it provides a solution questionnaire to help you with your evaluation process. A multi-layer approach to endpoint security One successful malware infection provides the foothold cybercriminals need to steal your organization’s sensitive data. Protecting the corporate endpoint is not achieved by a single “silver bullet” or next-generation technology. Anti-malware techniques each have their own capabilities that add value in detecting an infection attempt. But one technique, alone, does not deliver effective results. Attackers use multiple vectors to deliver a successful attack; securing the endpoint requires multi- vector protection. Your endpoint security solution must have multiple layers of protection with a mix of static and dynamic approaches. Each layer has its positive attributes and shortcomings, which is why no individual layer is 100% effective on its own. Your endpoint solution must have a mix of layers that work together as a collaborative system. This approach delivers the most effective protection, and often detects and stops zero-day attacks. Known attack detection A solution’s “known attack detection” layer blocks malware quickly and with low overheads. This is done with matching (i.e., signatures) and rules-based technologies. Despite some claims that signatures are outdated and ineffective, they have their place in a multi-layer process. Signature-based detection is a lightweight method to protect against common attacks with minimal resource processing and administration requirements. Signatures are good at stopping the bulk of the less sophisticated attacks, and they do so with minimal processing and end user impact. n Download whitepapers free from www.intelligentcio.com/me/whitepapers/ www.intelligentcio.com INTELLIGENTCIO 23