I worked for many years at Symantec in the Enterprise Security Group, where I wrote a slew of code for Symantec’s antivirus and client security products. In my time there, I talked to lots of IT Admins who were tasked (saddled?) with the responsibility of managing huge deployments of desktop security.

Their most difficult problems were always in the area of installation and deployment. Things like: How can you help me find all of the computers on my network that need AV installed on them? Can your product identify the source of an infection, so I can go find that computer and clean it up? It was all about managing and probing those dark corners of the network where desktop security wasn’t already deployed.

The solution is to use the security products that are at your gateway.

(more…)

MessageLabs released a study last week on malicious emails. They found that attackers using email to distribute threats are increasing relying on users to click through on links in the email, as opposed to clicking on attachments.

This means a couple of things to me:

(1) Most everybody has deployed AV at the mail gateway.

(2) Your web filter is becoming an ever more important device in securing your network.

(3) Users need more training.

(more…)

Any IT Manager can tell you that the biggest bang for your budget dollar comes from training. Simply training your users some security 101 — don’t haphazardly double click on email attachments, pay attention to file extensions, don’t click on links in unsolicited emails and IMs, learn to recognize a phish — drastically reduces your attack surface. Even with the evolution of blended threats and with the steady stream of newly exploitable vulnerabilities announced each day, the single biggest threat propagation vector is still attachments on mass emails.

(more…)