whitepaper_ext_top_ten_web_threats

8/7/2019 Whitepaper_EXT_Top_Ten_Web_Threats

http://slidepdf.com/reader/full/whitepaperexttoptenwebthreats 1/7

TOP TEN WEB THREATSAND HOW TO ELIMINATE THEM

A SYMANTEC HOSTED SERVICES WHITEPAPER

WHITEPAPER

[email protected]



[email protected]

WHITEPAPER

INTRODUCTION: TOP TEN WEB THREATS

The worldwide web is a fantastic business resource but, without proper protection and management, itis also a source of danger and unnecessary expense for small and medium-sized businesses. Based ona survey of 273 IT managers, we reveal the top ten web threats to business and outline a solution that

uses MessageLabs Security Safeguard.

The internet future has arrived. In the US, 61 percent of households have internet access and access theinternet almost every day1. A current FIND/SVP American Internet User Survey estimates that there are27.7 million adult Internet users who currently use one other Internet application besides e-mail. It’s thesame at work. Nearly all American companies have a connection to the internet and employees expect tohave internet access at work just like they do at home.

BUSINESS CHALLENGES

This raises real challenges for IT managers who have to protect the business against malware, keepinternet bandwidth available for legitimate business needs and enforce acceptable use policies forthe human resource department. Managers everywhere must also nd a balance between allowingreasonable personal internet use at work and maintaining productivity and concentration in the ofce.

Web threats fall into two main categories. First there are the things that employees do online – likevisiting infected websites. Then there are the challenges and difculties facing IT managers when itcomes to managing web use in a secure and efcient way.

THE TOP TEN ISSUES

We surveyed 273 IT managers to nd out what kept them awake at night and what challenges theyfaced. The top ten issues were:

1. Time-wasting on social networking and similar sites (86 percent)

2. Enforcing acceptable use policies a challenge (53 percent)

3. The ability to monitor employee web use (52 percent)

4. Keeping security systems up to date with patches and signatures a challenge (49 percent)

5. Legal risks such as employees visiting inappropriate websites (44 percent) and the accidental

disclosure of condential information online (57 percent)

6. Keeping internet bandwidth free for legitimate business use (44 percent)

7. Protecting remote and home workers (42 percent)

8. Employees using unauthorized web-based applications (42 percent)

9. Protecting the organization against spyware and malware (40 percent)10. Protecting multiple ofces and locations (19 percent generally but 76 percent among companies with

500 or more employees)

This report looks at each of these concerns to understand the business issues and to propose solutionsbased on Symantec Hosted Services.

1 2007 US Census Data, http://www.census.gov2 http://www.networkworld.com/news/2007/050707-employee-web-use.html



[email protected]

WHITEPAPER

PROTECTING YOUR BUSINESS

THREAT WHY IT MATTERS HOW TO PROTECT YOUR BUSINESSTime-wasting

online

The Confederation of Business Industry

estimates that people spend more than 90minutes a week on personal websurngat work3. It reports that a third (32percent) of the companies it surveyedhad had to discipline an employee forinternet misuse. Endemic time-wastingsaps productivity and discourages honestworkers who have to pick up the slack.Dealing with the disciplinary issues isa serious drain on management time.It is a big issue for managers in everycompany. For example, 86 percent of theIT managers we surveyed worried about it.

Only 44 percent of the IT managers we

surveyed had the ability to restrict accessto non-work websites. Without this kindof technology, employee time-wastinggoes unchecked and policy enforcementbecomes much more difcult.

MessageLabs Security SafeGuard letsyou set and apply consistent policies thatrestrict access to different categoriesof website. However, many companiestake a more permissive approach andaccept that a certain amount of personalinternet use is acceptable; indeed many

prospective employees now see it asa right. So the MessageLabs SecuritySafeGuard lets you apply time andbandwidth limits on use so that peoplecan have access but within reasonableboundaries.

Enforcingacceptable usepolicies

Seven in ten of the IT companies wesurveyed had an acceptable use policy forthe internet. Given the risks, such a policyis essential along with training to educateusers about it. But without the technicalmeans to enforce company policies,

companies are at greater risk. Forexample, inconsistent enforcement andrule making on the y makes disciplinaryaction harder. Only 57 percent of thepeople we surveyed could enforceacceptable use policies in a consistentway.

An effective web ltering and monitoringservice can help enforce an acceptableuse policy. A good system, such asMessageLabs Security SafeGuard, allowsa high level of control over what typesof sites can be blocked and an extensive

database of websites to make surenothing slips through the cracks.

Monitoringweb usage

Only 48 percent of the people wesurveyed were able to get detailedreports on web use. However, effectivemonitoring and reporting has apowerful deterrent effect. It can alsohelp companies with very restrictivepolicies justify a degree of relaxation; forexample, to allow employees access topersonal sites during the lunch hour. Butwithout effective reports, companies are

just blind.

MessageLabs Security SafeGuardprovides detailed reports to givemanagers insight into employees’ webuse. This supports HR investigationsand gives managers a broad pictureof company-wide usage patterns andproductivity.

3Employee personal websurng: http://www.cbi.org.uk/ndbs/Press.nsf/0363c1f07c6ca12a8025671c00381cc7/94d596bf6bcd69708025745e003b722b?OpenDocument



[email protected]

WHITEPAPER

THREAT WHY IT MATTERS HOW TO PROTECT YOUR BUSINESS

Staying upto date withpatches and

signatures

Nearly half of respondents (49 percent)reported that keeping security systemsup to date with security signatures,

software patches, etc. was their biggestmanagement challenge. Doing it properlyabsorbs a lot of time, while doing itpoorly exposes IT systems to unnecessaryrisk. Typically in-house web lters, policyengines, spam and anti-malware systemsneed regular updates to stay effective.Finding IT technicians with the rightlevel of skill to manage these systems isanother aspect of this problem.

An internet-hosted service, such asMessageLabs Security SafeGuard,removes many of the challenges and most

of the drudgery of staying up to date. Itdoesn’t replace client-based anti-malwarebut it protects email servers and providesa layer of security and management toweb browsing in place of in-house systems.Symantec Hosted Services updates theservice many times a day to ensure itstays ahead of the latest threats. Unlikesignature-based systems, there is no delaywhile an update is prepared, distributedand installed. It’s all done in our datacentres automatically.

Legal risks More than half our respondents worriedabout employees visiting inappropriateor offensive websites. Businesses faceserious legal liabilities from employee’smisuse of the internet: for example,if they download pirated software itcan leave directors personally liable.Similarly, downloaded porn can create ahostile environment for co-workers andgrounds for a visit to the employmenttribunal. Poorly judged comments onpublic internet forums can be slanderousor breach condentiality guidelines.

Nearly four in ten of our respondentsfound it challenging to address theselegal risks. On the other hand, companieswith effective web ltering andmonitoring can provide reassurance andreduce risks.

MessageLabs Security SafeGuard canprevent access to inappropriate websitesand block specic types of downloads oraccess to online forums, chat and socialnetworking sites.

Wastedbandwidth

67 percent of our respondents wereconcerned about the amount of expensivebandwidth wasted by non-work internetuse. With the rise of social networking,streaming audio and video sites andTV-on-demand business, internetconnections are under strain like neverbefore. Our analysis suggests that 23percent of a business’s bandwidth isused for non-work internet access4.This represents a waste of money andit reduces the bandwidth available for

legitimate work. The result is sloweremail, web browsing and VPN connections.

MessageLabs Security SafeGuardprotects your company’s bandwidth bystopping unwanted trafc before it evenreaches your internet connection. Basedon sophisticated policy controls, it blocksbanned websites, downloads, email spamand media streams on our own systemsbefore they reach your network. Thispreserves your bandwidth for real work.Because it also protects remote andhome workers, it can preserve expensivewireless broadband connections and

home worker’s links back to the companynetwork.

Unprotectedmobile workers

Even if companies have in-house systemsto monitor and control web access and toprotect web users from malware, theyoften don’t cover remote users workingon laptops and home workers operatingoutside the corporate rewall. This leavesa signicant part of the workforceunprotected and this issue representeda serious management challenge for 42percent of respondents.

MessageLabs Security SafeGuardextends web protection and lteringto remote users, including policyenforcement. It also ensures that remoteusers’ online activities are tracked by theservice’s reporting tools.

4See MessageLabs “Bandwidth bandits” white paper 2010.



[email protected]

WHITEPAPER

THREAT WHY IT MATTERS HOW TO PROTECT YOUR BUSINESS

Uncontrolledaccess to webapplications

The internet offers a wide range of onlineapplications, from web mail or socialnetworking through to sophisticated

business applications. Employees can usethese to bypass corporate guidelines onsecurity; for example, to access personalemail or upload company data to servicesthat are outside company control. Thisreduces the IT department’s controlover data and security. 42 percent ofrespondents worried about employeeaccess to web mail or instant messagingapplications. As the sophistication ofonline applications increases, this isgoing to become a signicant problem.

Companies need to decide what kindof access they want to give employees.Some will want to block non-work sites

completely. Others will want to allowaccess to some sites or within certaintime limits. Also, increasingly, companieswill allow employees access to approvedonline services, such as hosted CRMapplications.

MessageLabs Security SafeGuard givesyou granular control over which sites areallowed and which are denied. You canalso limit access to personal sites duringofce hours or with time limits.

Malware Websites are a growing security threatbecause so many of them containmalware. MessageLabs services blocked4,998 malicious websites a day inFebruary 20105. This represents anincrease of 198 percent since January.Four in ten of these sites and 13.3percent of the viruses we discovered werenew, which means that online criminalsare changing their techniques rapidly toavoid detection.

As with any kind of malware, the

consequences of infection are severe.Clear-up takes time, diverts IT resourcesand costs money. Infection renderscondential company informationvulnerable and undermines the ITdepartment’s efforts to provide assuranceto the board about security.

The majority of our respondents (92percent) felt that they were able toprotect their business against malware;although 40 percent found it a seriousmanagement challenge.

That said, nearly half of the IT managerswe surveyed recently said that they knewa company that had suffered a virusattack6. Clearly, some companies mayhave a false sense of security about theirprotection.

Because of the growing sophisticationand rapid evolution of website-based malware, it is essential to haveprotection that goes beyond signaturedetection. MessageLabs Web SecurityServices offers a combination ofsignature scanning and advancedheuristic protection using proprietarySkeptic™ technology. It is backed by 19patents granted or pending and a team of70 anti-malware experts.

Protecting

multiple sites

Among respondents with 500 or more

employees – the companies most likelyto have several ofces – 76 percent saidthat protecting multiple sites was a majorissue. For this group, it was in fact thebiggest issue. This is primarily because itis challenging to protect a single site. Youneed anti-malware, web ltering andmonitoring software and all the supportneeded to keep it up to date. But withmultiple sites, all this hardware andadministrative overhead is multiplied.

Because MessageLabs Security

SafeGuard is an internet-based hostedservice, it can protect many ofces justas easily as it can protect one. Similarly,it doesn’t care how many email serversyou have. Unlike in-house solutions, youdon’t have to pay an upfront capital costfor hardware and software followed by anunpredictable ongoing maintenance cost.Instead, you pay a xed fee per user.

5MessageLabs Intelligence as of 23 March 2010: http://www.messagelabs.co.uk/intelligence.aspx6MessageLabs research for “Converged Threats, Integrated Defences” white paper 2009. 47 percent of respondents said thatanother business that they knew well had suffered a malware attack.



[email protected]

WHITEPAPER

MESSAGELABS SECURITY SAFEGUARD

The number of threats and their diversity may be the biggest problem of all. Historically, companieshave identied a problem and either accepted the risk or bought a point solution to address it. Many

corporate data centers have separate servers for spam ltering, malware protection, web ltering andso on. Each new box adds to the IT department’s cost base and management overhead. They rarely playwell with one another and each one requires a different set of skills to maintain.

In contrast, MessageLabs Security SafeGuard provides an integrated system where each piece – webltering and security, email protection and so on – complements the others and shares the same controlpanel and reporting capabilities. There is no hardware or software to buy. No new boxes for the datacenter or server room. Just a xed, predictable per-employee fee.

When IT managers are asked to protect company data, prevent virus infections, support HR policies andguarantee bandwidth and service levels, MessageLabs Security SafeGuard is an essential tool.

To understand more about MessageLabs Security Safeguard, visit our website or request a free trial atwww.messagelabs.com/trials/web_smb

ABOUT SYMANTEC HOSTED SERVICES

Symantec Hosted Services is a leading provider of hosted messaging and web security services, withover 30,000 clients ranging from small businesses to the Fortune 500, located in 102 countries.Symantec Hosted Services protects, controls, encrypts and archives communications across email,web and instant messaging. These services are delivered by a globally distributed infrastructure andsupported 24/7 by our security experts. This gives a convenient and cost-effective solution for managingand reducing risk and providing certainty in the exchange of business information.

For more information or to request a free trial of our services, visit www.messagelabs.com



[email protected]

WHITEPAPER

Confidence in a connected world.

>EUROPE

>HEADQUARTERS

1270 Lansdowne CourtGloucester Business ParkGloucester, GL3 4ABUnited KingdomTel +44 (0) 1452 627 627Fax +44 (0) 1452 627 628Freephone 0800 917 7733Support: +44 (0) 1452 627 766

>LONDON

3rd Floor40 Whiteld StreetLondon, W1T 2RHUnited KingdomTel +44 (0) 203 009 6500

Fax +44 (0) 203 009 6552Support +44 (0) 1452 627 766

>NETHERLANDS

WTC AmsterdamZuidplein 36/H-TowerNL-1077 XVAmsterdamNetherlandsTel +31 (0) 20 799 7929Fax +31 (0) 20 799 7801Support +44 (0) 1452 627 766

>BELGIUM/LUXEMBOURG

Symantec BelgiumAstrid Business CenterIs. Meyskensstraat 2241780 Wemmel,BelgiumTel: +32 2 531 11 40Fax: +32 531 11 41

>DACH

Humboldtstrasse 6Gewerbegebiet Dornach

85609 AschheimDeutschlandTel +49 (0) 89 94320 120Support :+44 (0)870 850 3014

>AMERICAS

>UNITED STATES

512 Seventh Avenue6th FloorNew York, NY 10018USAToll-free +1 866 460 0000

>CANADA

170 University AvenueToronto, ON M5H 3B3CanadaToll-free :+1 866 460 0000

>ASIA PACIFIC

>HONG KONG

Room 3006, Central Plaza18 Harbour RoadTower IIWanchaiHong KongMain: +852 2528 6206Fax: +852 2526 2646Support: + 852 6902 1130

>AUSTRALIA

Level 13207 Kent Street,Sydney NSW 2000Main: +61 2 8220 7000Fax: +61 2 8220 7075

Support: +1 800 088 099

>SINGAPORE

6 Temasek Boulevard#11-01 Suntec Tower 4Singapore 038986Main: +65 6333 6366Fax: +65 6235 8885Support:+1 800 120 4415

>JAPAN

Akasaka Intercity

1-11-44 AkasakaMinato-ku, Tokyo 107-0052Main: + 81 3 5114 4540Fax: + 81 3 5114 4020Support: + 852 6902 1130

whitepaper_ext_top_ten_web_threats

Documents