BANGALORE, INDIA: Computer viruses are becoming more technically sophisticated every day. The need to ensure the safety of information and to constrain its flow to various systems is at the heart of every protection mechanism.
Today, computer systems and networks face threats from two major categories of source: internal sources such as USB drives, CD/DVD drives and portable storage devices, and external sources such as emails, websites, chat/FTP, network intrusion and hackers.
It is critical to monitor these sources from their starting point and at every level through the subsystems of a system or network, in order to protect them from malware.
According to Forrester Research, a large enterprise network can have as many as 200 different security providers, creating significant complexity for security teams. This complexity has led enterprises to look increasingly at multi-level protection mechanisms.
Says Govind Rammurthy, CEO, MicroWorld Technologies: "Even today a majority of companies do not have a Data Loss Prevention Policy (DLP) with regard to use of flash drives. Even Conficker penetrated enterprise networks because of the use of portable devices that give access to networks. Most companies invest in building network security but they fail to do the same at the end-point, resulting in disastrous consequences."
The Challenge: According to Rammurthy, external threats are the ones that are investigated and for which solutions are developed. They are also fairly well trusted. Threats from internal sources have emerged of late, owing to the proliferation of devices with storage and communication capabilities.
Though small, these devices carry gigabytes of storage, and they can easily be used to penetrate a network, bringing with them the risk of malware.
Kartik Sahani, regional director - India, McAfee India, agrees, saying: "Insider threat is probably a bigger challenge as compared to external threats." External threats can be prevented by having multi-tiered security solutions to protect your organization's environments.
Security experts are of the view that insider threats may result from malicious intent or arise unintentionally, and that they are very difficult to monitor or control. Many external threats also target people working within organizations and use them to breach the organizations' security.
According to Sahani, every organization needs to focus on five basic threat vectors. They need to protect the endpoint (servers and workstations) from malware and other threats. The threat keeps getting bigger.
Enterprises need to protect their users from dangers on the web, especially from spam, as between 85 and 95 per cent of the world's email is spam and 25 per cent of that contains some malicious code or pushes users to a malicious website.
Companies also need to protect their networks with effective firewall and intrusion prevention technologies. Leaving any of the above threat vectors unaddressed can lead to security breaches and business disruption or loss, Sahani adds.
Rammurthy insists that companies adopt multilevel protection, saying it facilitates the security of highly critical data, especially for computer systems and networks at all levels. "It is also needed to increase the system's survivability. With multi-level protection, a subsystem and its inner level of protection are, in turn, protected by the protection of an outer level," he observes. "This double-protected subsystem has its outer protection and so forth. This process of protection at multiple levels ensures a high per cent of prevention of attacks on a system or network."
Vishak Raman, regional director for Fortinet India & SAARC, is of the view that unified security solutions cannot be the answer to all security threats; unified threat management (UTM) can be the first-level security solution at the gateway to deal with blended attacks. "If organizations feel the need for multilayered protection, they can opt for specialized security products. These specialized products can be used for features such as Database security, Email security, XML security, OS security and vulnerability management. An optimal solution will be for these products to co-exist with UTM and have centralized management and reporting capabilities," Raman adds.