Malicious software, or “malware,” is the biggest network security threat facing organizations today. Cyber-criminals target enterprises that hold a great deal of money or conduct a high volume of transactions on a daily basis. A network intrusion can cost an organization as much as $5 million, and the damage to a company’s reputation can be irreparable. Statistics show that if a major security breach occurs against a U.S. enterprise, that organization has a 90 percent chance of going out of business within two years. This is particularly alarming considering that malware is currently the fastest-growing trend in the misuse of network resources.
In essence, malware acts like a parasite on a network. It is designed to infiltrate a computer system without permission. Even the most well-intentioned employee may accidentally download malware such as Zeus (Zbot) from a Web site or open it via an e-mail attachment. The malware then slips past network security measures and hides against the firewall. There, it collects data and absorbs private information passing through, such as credit card numbers, account numbers, or social security numbers. It then sends that information back to the host, who sells it to criminals for identity fraud, e-scams, and other personally invasive crimes.
The threat of malware is very real. Without proper network security measures, private information is at risk. Unfortunately, a majority of anti-virus programs and network firewalls cannot protect against intrusion risks beyond viruses and Trojan worms. Organizations have to be smarter than the criminals they’re up against.
Intrusion Detection and Prevention Systems (IDPS) are the newest line of defense in network security and combine two levels of network protection into one: intrusion detection and intrusion prevention. These systems identify and prevent malware intrusion by examining information via sensors within the network infrastructure. An Intrusion Detection System (IDS) monitors activity on the network by searching for malware and producing reports for the system administrator. An Intrusion Prevention System (IPS) actively blocks the malware on the network, dropping the malicious data while still allowing normal data to continue on the network. In a 2009 survey, Forrester Research showed that IDPS is the second most in-demand security solution. Many of the solutions on the market today are either IPS or IDS. IDPS is a substantial part of an enterprise security solution used to protect the network. Proper network security requires layers of products, software, and solutions that protect against various threats. Firewalls, anti-virus programs, access controls, and an IDPS solution are all necessary to achieve effective network security.
Purchasing an IDPS solution is like buying insurance for an organization’s reputation. As malware evolves, network security must keep pace. If it does not, companies will continue to be at risk for damage to their networks and reputations. One network security breach can bring operations to a screeching halt. An IDPS works along with other network security measures to prevent this from happening and has proven to be the most effective response in countering malware threats.