This article can also be found in the Premium Editorial Download "Information Security magazine: Security Readers' Choice Awards 2008."
Download it now to read this article plus other related content.
A new breed of integrated technology takes Web-based malware off the menu.
"If we had a big problem, we would literally have to drive out to the location, spend a day or maybe even a night depending on how far away it was, to clean off the virus and get the machine back into operational state," Stump says.
And infested PCs were becoming all too common as employees took advantage of broadband access to surf the Internet, download MP3s and visit MySpace. Traditional antivirus software wasn't catching the malware that came with the unauthorized Web browsing. Each store has a PC, which among other things, 15 to 30 employees use to clock in and out on and managers use for email, reporting and other applications.
Today, though, malware outbreaks are rare and productivity is up. Two years ago, Roundtable began using ScanSafe managed services to control employees' Internet access and ward off spyware and viruses. "The first year, we saved about $100,000 in support costs...that
| was with 31 stores," Stump says. Roundtable now has 46 stores in Texas, New Mexico and Oklahoma, with plans for more.
The threat landscape has shifted in the past few years to Web-based malware, leading companies such as Roundtable to bolster their security with a newer breed of technology, Web security gateways. In much the same way antivirus gateways were overtaken by multifunction secure email gateways, Web security gateways combine several existing technologies and features offered by point solutions. Instead of having separate devices for URL filtering, malicious code filtering, instant messaging and other application controls, Web security gateways provide a single high-performance security gateway that shares a common threat database and policy management framework. The Web security gateway market is a mix of software and appliance vendors as well as managed service providers like ScanSafe.
A report by Google in February highlighted how risky Web browsing has become: during a period of 18 months, it found more than 3 million unique URLs on more than 180,000 Web sites automatically install malware. Even legitimate Web sites can distribute malicious code. The growing use of AJAX technology and third-party ads is increasing a Web page's attack surface and the chances that insecure content can be inserted into it. Since Web access requires network firewalls to leave HTTP port 80 open, it's an obvious entry point to launch an attack, and one that firewalls struggle to control.
For many network administrators, this increased risk is manifesting itself in increased bot infections and support calls from users struggling with spyware-infected machines. Also, if employees are hit by drive-by download attacks, the network quickly becomes infected, which can lead to the loss of corporate data and network resources. Combine this with various laws that make businesses liable for privacy, data protection and governance, and organizations are looking beyond URL filtering to improve the protection of their users and data.
Let's take a closer look at how Web security gateways work to provide comprehensive network protection against damaging and often automated threats.
This was first published in April 2008