Automating DefensesBy Bob Violino | Posted 2009-01-30 Email Print
Threats to data and network security increase during tough times, even as scarce resources make companies more vulnerable to attack.
Using tools that automate security processes such as scanning for network vulnerabilities is one way to do more with less, says Charles McClain, vice president of information security at County Bank, a mid-sized commercial bank in Fresno, Calif.
McClain uses a network scanning technology from Qualys Inc. to help protect the bank’s more than 700 workstations and 50 enterprise servers. The tool, which Qualys provides as a software service, “makes me a lot more effective than I would otherwise be” at thwarting attacks and eliminating malware, McCain says. “I couldn’t do the job I do unless I used [the service]. There are thousands of vulnerabilities for the Windows environment, which is our primary environment.”
The scanner automatically monitors all of the bank’s network-connected devices at 39 branches at least once per month, and examines critical Windows servers each week, McClain says. “It allows me to perform this ongoing inspection, and we haven’t had a major security incident at the bank” since the software was implemented, he says.
That’s not because of a lack of threats. Malware senders have repeatedly attempted to use email to spread viruses and other malicious programs through the bank’s systems, McClain says. The number and breadth of attempted security attacks have increased steadily in recent years, McClain says.
There was an especially huge uptick in attempts during the first six months of 2008, McClain says, and he believes that might be associated with the downturn in the economy. On any given day there might be more than 1,000 hits on the company’s network from outside, although not all of those are malware or other security threats, he says.
Vulnerability scanning not only protects County Bank’s network, but it enables the company to comply with many state and federal regulations.
In addition to using the scanner product and other technology solutions, McClain has tried to make it clear to end users that they need to look out for security threats. That might sound obvious enough, but with the ever-changing nature of threats, many users have no clue what to look out for.
“We’ve had a very judicious and vigorous education process alerting, or brow beating, all our employees to very carefully review any emails they get from within or outside the organization,” he says. Users are taught to avoid opening or using questionable files that come in with e-mails.
Given the more limited resources and high number of security threats, every effort to prevent breaches will be important.