Palo Alto Networks in GITEX 2015

Saeed Agha, General Manager and spokesperson for Palo Alto Networks Middle East, supports a research-based four-step approach to endpoint security for Middle East organisations.

Today’s endpoint protection solutions offer varying levels of protection against these advanced threats, and decision-makers need to weigh the protection offered against end user disruption when choosing the best technologies to defend their organizations. This study highlighted the key concerns as well as recommendations.

Palo Alto Networks had commissioned a study with Forrester Consulting to evaluate endpoint security and understand the key concerns of users. The hypothesis developed by Forrester Consulting tested the assertion that endpoint security solutions that focus primarily on detection and remediation are not effectively serving customers. In order to protect against advanced and previously unseen threats, a combined strategy of both detection and prevention is needed.

Agha shared these highlights ahead of the region’s premier trade event, GITEX Technology Week, where Palo Alto Networks is participating with the key message of Prevent and Empower.

With the threat landscape continuously escalating, security professionals work to prevent breaches against a backdrop of multiplying endpoints and attackers exploiting vulnerabilities before they can be patched. Antivirus, the longtime staple of endpoint protection, can no longer be relied upon to protect against these never-before-seen zero-day threats – instead, security professionals need to adopt new solutions that can protect against unknown malware and exploits of unpatched vulnerabilities in the OS, browser, and third-party applications.

Agha notes that the best solutions will be those that offer a combination of strong integration between endpoint and network security components in addition to some form of zero-day exploit prevention for OS, browser, and third-party applications.

The recommended approach for security professionals to protect their endpoints:

Focus on prevention.

Prevention requires a combination of sophisticated baseline process behavior modeling and careful control over applications. Products that require an update before they can block a new zero-day exploit, or which detect indicators of compromise (IOCs) and then attempt to mitigate the damage, are not providing a real prevention capability. Look for a match between the level of effort required to support a given solution and the capabilities of your support staff.

Reduce the attack surface through a balance of prevention, detection, and remediation proficiency.

Organisations should use a risk-based approach to determine where to deploy advanced solutions in their network.

Integrate endpoint security with network security to create a virtuous cycle of detection and prevention.

Some attacks are launched across the Internet via email or waterhole vectors, while others arrive directly at the endpoint via portable storage devices or a laptop that is outside the corporate network. This means that both the endpoint and the network must be prepared to prevent never-before-seen threats. The best solutions look to share information on what these threats look like across both the endpoint and the network in order to increase the speed and coverage of response to rapidly evolving threats.

Focus on decreasing attack surface while creating as little friction as possible for employees.

Security pros are tasked with balancing the need to protect sensitive data stored on employee devices with the need to enable employee productivity and innovation. When choosing any security technology to be used on an employee device, do not underestimate the importance of preserving endpoint performance and user experience. Employees are continually installing new software and have little tolerance for security products that stand in the way of their own innovation or productivity.