Today's Network Security Challenges

Trend Micro understands that your network needs to be protected from a new kind of threat—the internal threat. Internal threats result from employees, contractors or other users who accidentally infect the corporate network with infected machines, USB sticks and other storage devices, or by browsing infected Web sites.

Internal threats are increasing because of the following key challenges to your corporate network:

• Conventional security solutions unable to detect internal threats. Read more >>
• Dramatic changes in how and where people work. Read more >>
• Lack of information about your local threat environment. Read more >>

The Threat Management Solution was designed to identify and respond to next-generation threats. By monitoring the network to catch hidden malware and disruptive applications that traditional security products fail to detect, the Threat Management Solution collaborates with in-the-cloud Threat Management Services to deliver a more detailed analysis of your threat environment. The solution then performs network-wide clean-up and policy enforcement on infected endpoints.

Limitations of Today’s Security Solutions

As threats become more sophisticated and workplace data leaks grow more prevalent, today’s security solutions struggle to keep up. Conventional technologies like firewalls, IDS systems, and VPNs may prevent outside threats but fail to protect “inside threats” from employees who accidentally infect the network.

Security solutions such as Network Access Controls (NAC) focus on initial posture assessment and authentication of the employee’s endpoint. Once a user is authenticated, he or she is no longer monitored and can act in ways harmful to the network. In addition, today’s "borderless" organizations freely share information globally between employees and partners. These enterprises attempt to balance openness and flexibility with security risks as employees work from home, airports, and from other, non-secure, off-site locations.

Workplace Changes

Greater numbers of telecommuting and traveling employees and the blurring between home and work offices have increased mobile device use, creating the need for better protection against the loss of sensitive corporate and user data. This mobile workforce makes it harder for IT departments to maintain updated antivirus and software patches on all computers, making it increasingly difficult to control how and where users connect. Storage devices, such as USB sticks, and music players add new channels for infection. In addition, inadequate remote office security, lack of security personnel, and lax policy enforcement negatively impact security.

Unprotected channels, such as Web mail or wireless networks, and easily exploited technologies, such as P2P file sharing, streaming media, and instant messaging, allow malware to enter the network while draining valuable network bandwidth. In addition, hard-to-detect, zero-day malware require immediate attention and are beyond the means of most antivirus applications, which rely on a pattern-based approach. Once inside, malware can leak data to cybercriminals, posing problems both for the consumers who lose confidential data and for businesses whose reputations are irreparably damaged when data is lost.

Damage clean-up costs and lost productivity create the need for a better solution to protect against insider threats. Forrester Research estimates that up to 85 percent of enterprise security breaches involve internal people and resources. And according to Gartner, “organizational costs of a sensitive data breach will increase 20 percent per year over the next two years.”

Lack of Information About Your Local Threat Environment

Today’s security environment is ready for a new approach. Lack of visibility into the exact location and cause of infections prevents your IT department from determining the most appropriate remedy. To achieve more holistic coverage, security personnel need more information to better understand how threats occur and exactly where they enter the network.

Most security systems show that malware was detected—for example that irc bot activity occurred— however, no information is provided about how or where the infection happened. This creates a lack of visibility into the overall security threat posture, which hampers the ability of IT personnel to identify network pain points and the origin of threats, such as a company’s marketing department or an organization’s remote office. Companies need greater detail about the threat environment, such as the type of threats residing in the network, or the percentage that are malware or hacking attempts or that are caused by disruptive applications. Determining the root cause of how these threats entered the network helps IT formulate better security policies.