1. /
  2. Confident Insights Newsletter/
  3. Protect Your Windows Systems

Protect Your Windows Systems

August 23, 2006

Summary

This article explores these and other challenges that Windows-centric IT shops encounter today. It then shows why midsize organizations, which typically do not enjoy the level of IT resources of large enterprise operations, must act now to ensure the security and availability of their data, systems, and applications.

Introduction

For most midsize organizations, Windows plays a major role in keeping their business running and their employees productive. But these organizations often fail to appreciate the vulnerabilities in Windows-based systems that place them at risk. Each day, midsize organizations face such challenges as backing up mission-critical data, protecting users from viruses and other "malware," and keeping their customer information and other intellectual property from falling into the wrong hands.

This article explores these and other challenges that Windows-centric IT shops encounter today. It then shows why midsize organizations, which typically do not enjoy the level of IT resources of large enterprise operations, must act now to ensure the security and availability of their data, systems, and applications.

A continuously evolving IT environment

In today's fast-paced networked world, the free flow of information is essential to success. Midsize organizations are challenged to improve the ways they share information among employees, partners, suppliers, customers, and other constituents. But as the pace of business continues to accelerate, the IT environment in which these organizations operate has undergone an unprecedented transformation in the past decade. Consider these aspects of today's "threat landscape":
  • Attacks Denial of Service (DoS) attacks target a computer system or network and cause a loss of service to users. This typically involves a loss of network connectivity and services due to a deliberate maximum consumption of bandwidth or overloading of computing resources of the victim. In the second half of 2005, the average number of DoS attacks detected per day was 1,402, an increase of 51% over the first half of the year, according to Symantec research.
  • Malicious code Over the second half of 2005, more than 10,992 new Win32 viruses and worms were documented, a 49% increase over the same time period the year before, according to Symantec. Malicious code is increasingly being used to generate profit and expose confidential information. During this period, 80% of malicious code exposed confidential information.
  • Vulnerabilities In the second half of 2005, 1,896 new vulnerabilities were documented by Symantec researchers, the highest recorded number since 1998. Overall, 40% more vulnerabilities were identified in 2005 than in 2004. Web application vulnerabilities made up 69% of all vulnerabilities during this period. And the average time between the announcement of a vulnerability and the appearance of exploit code was 6.8 days.
While these "threats" are typically considered security-related, there are other issues that can cause concern for midsize organizations. These include:
  • Exponential increase in data volumes Data volumes continue to grow at 40% to 60% each year, making it more and more difficult for administrators to back up mission-critical data in acceptable time frames (or within available backup windows). In addition, the need for instant, on-demand data recovery is becoming increasingly vital for business operations. With downtime costs reaching thousands of dollars per hour, an outage could be catastrophic to a midsize company.
  • Growing need for mobile computing The proliferation of laptops and other mobile devices has certainly been a boon for workforce productivity. But according to a recent global survey of 240 company executives by the Economist Intelligence Unit and sponsored by Symantec, only 9% of companies have incorporated a comprehensive security architecture designed to include mobile device access. In addition, these mobile devices typically carry sensitive information that could negatively impact a business should that information be lost through a system failure.
  • Ongoing client management needs Midsize organizations are under increasing pressure to meet fundamental business needs to keep end point devices up and running, regardless of what could potentially occur, including security vulnerabilities, system failures, human errors, as well as necessary planned maintenance. That pressure is exacerbated when one considers the limited IT resources that are available and factors in the complexity of delivering on service-level agreements to remote offices and mobile users.

Protecting the Windows environment

To truly protect the Windows environment, it is necessary to look at the IT infrastructure holistically to ensure that all data, systems, and application processes are aligned to support the end goal: keeping the business up and running while ensuring the security and integrity of the information that the business and its customers depend on.

Therefore, it should be the goal of every midsize organization to identify and implement best-in-class solutions for keeping data, systems, and applications secure and highly available. Furthermore, the solutions should be capable of handling the needs of a large enterprise, but also affordable and easy enough for a midsize organization to implement.

Secure and protect data

Typically, midsize organizations spend their time reacting to what has occurred as opposed to anticipating future threats and breaches. Gartner reports that midsize businesses are weak in the area of security monitoring and often aren't even aware that they have been breached.

Midsize organizations should instead focus on solutions that address the challenge of providing anticipatory protection against known, unknown, internal, and external threats while still allowing necessary information access throughout attacks and remediation. While a majority of organizations may immediately think of servers as the focal point for security, desktops and mobile devices should not be overlooked. In fact, a recent Gartner survey of midsize organizations found that nearly 30 percent of respondents aren't using personal firewalls on their laptops, and nearly 20 percent aren't using anti-spyware. Moreover, end users tend to treat these mobile systems as their own personal devices, taking them home and using them for various extracurricular activities. Not surprisingly, Gartner found that 35% of malware infections resulted from end-point intrusions while the system was off the managed network.

That's why organizations need to set and enforce appropriate IT policies, as well as identify and evaluate solutions that can provide multi-layered security capable of assessing threats, monitoring controls, shielding individual applications, and protecting desktops and mobile systems.

At the same time, the need for instant, on-demand data recovery is becoming increasingly vital for all business operations. While traditional tape backups have proven effective over the years, today's dynamic business climate demands faster, more efficient backups and on-demand recovery. Disk-based data protection, specifically continuous data protection, addresses these issues in a way that eliminates the need for backup windows, allows end users to recover their own data without contacting IT, and delivers an integrated disk-to-disk-to-tape solution.

Maximize system availability

When organizations think of backup and recovery, it is usually associated with protecting information residing on a server. It's important to remember, however, that this constitutes both data and system information. Too often, so much importance is put on the need to protect the data that the system is overlooked. But if the system isn't operable, the chances of accessing the data are slim. When a server operating system fails, it can take eight or more hours (days, in some instances) to rebuild and restore the server. This process includes reinstalling the OS, applications, patches, configuring settings, etc. Moreover, there are no guarantees that the server will be in the exact same state as before the failure took place.

There is also the matter of having to replace the server hardware. Midsize organizations can't afford the luxury of maintaining extra server hardware in case they need to replace an existing system. In reality, these organizations are constantly negotiating on price with various vendors and may often change preferred vendor standards. This introduces the issue of restoring a system to a new and dissimilar piece of hardware, while trying to preserve the integrity of the system state and the availability of the data. Organizations must ensure that their data and system backup/recovery solutions provide the ability to adapt to these ongoing changes.

Also, midsize organizations today can spend thousands of dollars per user each year to deploy and migrate operating system and application upgrades. For many of these organizations, the advanced capabilities found in today's imaging and software deployment tools can make deployment and migration tasks significantly easier and faster. Utilizing today's imaging software, organizations can create and deploy operating systems, application packages, user settings, and security fixes to PCs across a network in minutes. With client software installed, there's no need for administrators to visit the target PC in order to conduct routine deployment or maintenance. This translates into lower IT management costs and increased productivity.

Optimize application environments

Over the past 10 years, organizations of all sizes have gone from leveraging email as an alternative communications vehicle to depending on it as their most mission-critical application. Indeed, many organizations have found that productivity falls dramatically when email stops functioning.

For midsize organizations with a messaging infrastructure built around Microsoft Exchange, a layered approach to email management is essential. A layered approach positions different types of protection at defined levels of the email architecture. Ensuring email security and availability begins with controlling the flow of email information from start to finish. In functional terms, this involves removing unwanted content from the messaging system at the earliest possible point in time.

Ultimately, a layered approach to email management can reduce the risk and potential downtime posed by security threats and spam, help meet email policy and regulatory compliance needs, and optimize the accessibility and resiliency of the email infrastructure.

Conclusion

Today's midsize organizations are under increasing pressure to provide access to their information assets to suppliers, partners, employees, and customers. As a result, they may find themselves struggling to balance information access with escalating risks of exposure given their limited resources.

As the Enterprise Strategy Group stated recently, "The need to protect information and systems remains a critical business priority for small and midsize businesses running Windows environments today. Those businesses typically do not enjoy the level of IT resources of large enterprise operations, and increasingly need easy to deploy solutions that deliver enterprise-quality protection."

Midsize organizations seeking comprehensive protection for Microsoft Windows environments are encouraged to evaluate today's best-in-class solutions for keeping their data, systems, and applications secure and highly available. For more information, click on the link below.

Back to Newsletter