Let’s face it you, and I, are the number one security risk to our organizations. Oh to be clear, it is not our fault. Really, it’s not you! If anything you are the potential victim here if an attack succeeds.
We are the number one risk simply because we are the ones who create and access the sensitive information that makes businesses run: Plans to combat world hunger, got ‘em. Customer personal information and payments, got ‘em. Simple shipping labels for your next customer order, we have those too. Unfortunately, all this information makes us valuable to ‘the bad guys’ too.
As we explore the malware protection category more deeply in this blog series, we will look at ways to better understand what types of malware the bad guys are creating, and ways to continue to keep the critical information we create safe. Some of the malware we will explore includes:
- Spear-Phishing: You may think of this as a poorly written e-mail that can clearly be identified as fake when in reality, the bad guys are creating very compelling, well written, even branded, messages. There is interesting study that supports the notion we aware of the spear-phishing threat, but we are still not successful at identifying the real from fake. The bad guys target their attack with very sophisticated levels of personal data creating their message based on your social network, occupation, region of the country, or prior purchase history.
- Watering Hole: Legitimate websites are used to deliver malicious software to your computer simply by surfing to the site.
- Mal-vertising: This is also considered a type of watering hole attack where legitimate advertising that is purchased by the bad guys. They in turn use their ad space to host malicious code. Here again, it is a similar approach where simply surfing to a known website enables the background advertising to install malicious software.
For now, just be aware that every day ‘the bad guys’ are evolving new ways to steal information from the technology and tools that should be used to help our fellow humans prosper and grow.
This is the context that we kept in mind as we began thinking about Dell Data Protection | Protected Workspace as a means to address these problems. DDP | Protected Workspace took and innovative approach that allows us to:
- Identify malware based on its behavior – this means we can address the newly created unknown malware by avoiding the use of signatures files (“digital fingerprints” that historical anti-virus solutions used to recognize malware)
- Prevent malware from reaching your data DDP | Protected Workspaces create a container or virtual sandbox around your applications preventing malware form reaching your data to steal your ideas in the first place.
- Report the attack to your security expert to prevent the mode of attack from occurring elsewhere in your network
Taking an innovative approach to prevent and report on malware is just one element of the Dell Client Solutions Security strategy.
October is Cyber Security Awareness month. Join us as our Dell Data Protection team covers areas dealing with data encryption and login protection including how to manage compliance needs with Dell Data Protection | Encryption, important industry trends in security, and how we can evolve the next generation of security together.
What is your personal experienced with malware and what steps are you taking to address the newest threats?