Friday 18th September 2009, Sydney Australia
Symantec’s John Harrison (Group Product Manager, Endpoint Threat Protection) highlighted to the media the changing face of the Threat Landscape which affects all users of the internet from single-users to corporate enterprises. At the workshop, Harrison went into detail of the various threa6ts over time which began in 1986 with the Brain Virus, the first MS-DOS virus ever detected. Ironically “this” virus was created for fame, rather malicious intent. Unfortunately this was the catalyst of things to come.
As the Threat Landscape changed, Symantec changed its structure to combat the various threats which users now faced. Whether it was viruses, Trojans, spam or drive by downloads, Symantec continued to support users across the globe which caused them to expand considerably in order to maximize protection.
Symantec was founded in 1982 with 275 employees and now employee over 15,000 people worldwide. Although Symantec continued to provide protection to users and companies, it acquired several companies to assist in this process such as Peter Norton’s, Norton Utilities and other companies who provided backup and anti-spam software technologies.
To showcase how dynamic the Threat Landscape is, Harrison pointed out that originally virus definitions came on floppy discs for Enterprises, however as the internet became more popular and speeds increased, Symantec created the Live Update function which allowed automatic updates be readily available for the consumer. This lead to the creation of the Security Technology and Response (STAR) organisation which operates at 11 sites worldwide, 365 days per year and 24×7.
Unlike in the infancy of the internet and popular bulletin board systems, users were no longer sending in floppy discs or even infected hard drives to Symantec to inform them of new threats, rather, the technology had moved to scan and delivery. Of course, criminal elements of the internet moved away from traditional forms of attacks. For instance, businesses proved too difficult to target and once again the landscape changed with individual users being targeted through Spam, key loggers and drive by downloads. This proved a much more profitable endeavor to criminals.
To demonstrate the move away from traditional viral infections, Harrison showcased a variety of authentic Australian websites which have been affected by drive by downloads. Without the appropriate internet security on your system, your operating system automatically downloads this malicious code and you are infected. It was quite eerie seeing these sites automatically infect unsecured PC’s without any alerts to the user. This brings forth some grave concerns as to how many people are really protected? Although originally it was the seedy and nefarious sites that led to infections, it is now possible that even mainstream sites could be infected unless they have the correct measures in place.
With that said, Malware was no longer static software but rather it had evolved into server side polymorphism which had the ability of creating different versions of the same Malware in order to elude detection. This lead to Malvertisement, third party advertisements that have been breached and make it difficult for traditional antivirus packages to discover.
Thankfully this has been a key aspect of Symantec’s security software as it has the ability to detect these “unknown” threats. Although this software can protect against the traditional attacks, the software has the ability to detect even new attacks which have not been reported thanks to its clever programming. Harris highlighted an interesting fact with Bots (programs covertly installed to attack communication channels or perform other activities) that there were 1,000,000 people in the world using the Seti @ Home software to find extraterrestrial life, however at its peak, the Conficker bot infected over 4,600,000 users.
Another highlight of Harrison was “What’s Old is New Again” and cyber criminals generally target the easiest and weakest flaws of computer systems. For example, floppy discs were once used to spread viruses and now USB memory sticks have taken over. As cyber crime once started as “fame” for the creators, it has been embraced by the criminal underworld and “fortune” is now the goal. It is easier for criminals to target these individuals, whether it’s stealing identities and credit card details or duping customers into purchasing “fake” antivirus software by spending $49.95, it’s truly a diverse and dangerous landscape.
Although some might think that by having their antivirus software or internet security software up to date is the key to remaining safe, this is only just one aspect of security. Criminals and cyber hackers have targeted vulnerabilities in other software package such as iTunes, Adobe Acrobat, not just your operating system. Whether it’s a known flaw or masking a download as an official product, users need to be quite vigilant when on the internet. Legitimate sites with third party advertising may also prove dangerous to the user as it is very difficult to monitor this content, especially with rotating advertising.
What can we do?
In order for you, your computer and your business to be safe as possible, Harrison recommended that users always update their software to the latest versions which does not include just the operating system but all installed software. Whether it’s WinZip, iTunes, Windows Media Player or the like, updated software generally provides the best possible security. Enterprises should also check their software, following similar protocols to single users and ensure that they have viable security software installed such as Symantec Endpoint Protection. Lastly, Harrison noted that “prevention” is always the best possible protection and users should always be “cautious” while accessing the internet.
Symantec Endpoint Protection – Small Business Edition
Following John Harris, Rob Pregnell (Regional Product Manager, Security Business Unit, Symantec, Pacific) gave the media an interactive demo of Symantec Endpoint Protection – Small Business Edition which targets small businesses of 10 to 99 users. Unlike traditional security suites for small business, Pregnell highlighted that Symantec was the leader of the pack in terms of innovation and protection that was also mirrored by independent testing.
At its core, Symantec Endpoint Protection – Small Business Edition offers small businesses enterprise level protection, however with optimized performance, ensuring a streamlined management user interface at an affordable cost. By utilizing the world’s largest security infrastructure, it offers 24×7 protection with the backing of one of the world’s leading internet security companies.
Features
- Provides best of class integrated technologies and unmatched protection from the market-leading endpoint security vendor.
- Comes with pre-configured settings, streamlined user interface and built-in tools tailored for the small business environment.
- 20 minute installation and superior performance.
Pregnell also performed some real-time testing of the product and the installation on average takes around 8 minutes to successfully install. Best of all, the software requires relatively low system specifications, ensuring that it can be run on a wide range of different computer configurations.
Once installed on a system, it has a relatively small impact on the system which includes boot-times, running speeds and minimal impacts on software such as using Office Products or copying files. Even though Pregnell was installing this on a low end system with VMWare, the installation was extremely quick that required little user input.
Key Benefits
- Provides more than antivirus and protects to the same level as the largest global business.
- Simple to install, deploy and manage so you can get up and running quickly and focus on running your business.
- Fast install and performance provide minimal productivity impact and reduces overhead.
In relation to user input, the interface of Symantec Endpoint Protection – Small Business Edition is quite basic, ensuring that it can be used by a wide variety of users. The simplicity of the installation and interface also mirrored installing the software on remote computers. However with that said, the program does not skimp on features and there are a variety of administrator settings that include reports and even primary e-mail addresses which can be used for resellers. Setting up new administer accounts with different privileges is as simple as 1-2-3.
New Features
Symantec Endpoint Protection Small Business Edition features best of class endpoint security technology:
- Seamlessly integrates industry leading protection technologies (antivirus, antispyware, desktop firewall, Intrusion Prevention in a single agent for proactive, comprehensive protection against known and unknown threats.
- Comes with Symantec recommended security defaults so no additional configurations are needed and minimal training required for easy deployment .
- Installation and deployment takes less than 20 minutes.
- Built in tools such as the Client Installation Wizard simplifies deployment of client software and eliminates the need for installation and deployment training.
- Provides licensing support to keep track of maintenance and the number of licenses purchased.
- Ability to configure Symantec Protection Center to send license notification to Partners.
To round it up, Symantec Endpoint Protection – Small Business Edition offers multilevel protection and accessibility to a wide range of users, from novice to professional administer. With in-depth functionality not yet offered by its competitors, Symantec Endpoint Protection – Small Business Edition is definitely a software package that should be investigated by all businesses.