By Paul Paget
May 4, 2012 11:00 AM EDT
There will always be a threat from malware - malicious software that is designed to steal or corrupt data on computers. Malware affects everyone from security services to silver surfers, and when it isn't checked it can wreak havoc.
Ultimately, it doesn't matter what size your business is: whether you're a multinational or a sole trader, the threat from malware is real and present, which means that you'll need a solution. Usually this means anti-virus software, but keeping on top of updates and distributing these to all of the computers in your organization requires regular attention.
Can application whitelisting help? Is it even a valid alternative, or should your business stick to the tried and tested solution of anti-virus software and malware removal tools that detect and quarantine malicious software, keyloggers, rootkits and Trojans?
The Typical SME Approach to Anti-Virus and Malware
If you are responsible for managing online security in your organization or you're involved as a stakeholder or an engineer, you will appreciate that most businesses take a reactive approach to virus and malware threats.
If a virus or malware infects one or more computers, steps are taken to update the AV software (typically by downloading the latest virus signatures) and remove the infection. In most cases this is successful - anti-virus software is generally fit for this purpose. However, there may be cases when virus signatures have yet to be added, making it difficult for the anti-virus software to find and remove the infection.
When malware is uncovered and the anti-virus solution is unable to deal with it, as is the situation in most cases, the latest version of one of the popular anti-malware tools should be used.
You might find that running the removal process in Safe Mode works best. Although it typically takes over an hour for a single infected computer, you should eventually be able to diagnose the machine as safe to use. In extreme cases, it can take a few hours to rebuild the machine because remediation efforts fail.
It's all rather slow, though, isn't it? More to the point, it is reactive rather than proactive.
How Application Whitelisting Can Help
In the horrific circumstance that all of your computers have been infected with malware, you might be pulling your hair out trying to raise as many engineers as possible while making alternative arrangements for users affected by the problem.
Or, you could be carrying on with the expected day's work, safe in the knowledge that there is no outbreak; no malware has been installed and no data has been lost or stolen.
Unless you run a computer network that has no Internet connection and a "no disks" policy, the only way to fully protect your users from malware is to employ a solution that uses application whitelisting, a process that protects the software that controls the behavior of your computers. If the software is not on the whitelist, it won't run.
It's the doorman of the software world, in many ways. Basically, if your name's not down, you're not coming in.
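The following is an added example, not part of the original article: it runs the same four files through a default-allow signature check (the reactive model described earlier) and a default-deny allowlist check. The file names, contents and function names are hypothetical, and plain SHA-256 matching is a simplifying assumption standing in for both real anti-virus signatures and real whitelisting products.

```python
import hashlib, os, tempfile

def file_sha256(path, chunk=65536):
    """Hash a file in chunks so large executables need not fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def build_allowlist(root):
    """Baseline a known-good directory tree: every file present is approved."""
    return {file_sha256(os.path.join(d, n)) for d, _, names in os.walk(root) for n in names}

def allowlist_decision(path, allowlist):
    """Proactive, default-deny: run only what matches the baseline."""
    return "run" if file_sha256(path) in allowlist else "block"

def signature_decision(path, signatures):
    """Reactive, default-allow: block only what matches a known-bad signature."""
    return "block" if file_sha256(path) in signatures else "run"

def demo():
    """Constructed files stand in for executables; returns {name: (signature, allowlist)}."""
    with tempfile.TemporaryDirectory() as root:
        def write(name, data):
            p = os.path.join(root, name)
            with open(p, "wb") as f:
                f.write(data)
            return p
        files = {"payroll.exe": write("payroll.exe", b"approved payroll client"),
                 "editor.exe": write("editor.exe", b"approved text editor")}
        allowlist = build_allowlist(root)  # baseline taken while the machine is clean
        # After the baseline: one catalogued threat, one unseen threat, one tampered app.
        files["known_worm.exe"] = write("known_worm.exe", b"malware with a signature")
        files["new_trojan.exe"] = write("new_trojan.exe", b"malware not yet catalogued")
        with open(files["editor.exe"], "ab") as f:
            f.write(b"injected code")
        signatures = {file_sha256(files["known_worm.exe"])}
        return {n: (signature_decision(p, signatures), allowlist_decision(p, allowlist))
                for n, p in files.items()}

if __name__ == "__main__":
    for name, (sig, allow) in demo().items():
        print(f"{name:15} signature-based={sig:5} allowlist={allow}")
```

The tampered editor.exe is blocked by the allowlist because its hash no longer matches the baseline, which also means every legitimate software update has to be re-approved before it will run.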
Is Application Whitelisting the Solution or Part of the Equation?
As things stand, no single solution can exist, as anti-virus software companies are busy keeping their applications up to date, with both virus signatures and tools to prevent the applications from being targeted by viruses. This means that it is unlikely at present that any AV or anti-malware developer will branch out into providing a complete application whitelisting solution.
Similarly, application whitelisting cannot claim to be the complete solution as it can't deal with the task of removing threats.
It is, therefore, the perfect companion to anti-malware applications. When correctly configured, application whitelisting can protect individual computers, servers and entire networks from malware.
Be Proactive, Not Reactive
Whichever way you look at it, the reactive solution of anti-virus and malware removal tools is only a single item on your network security utility belt. It has been proven to work in quarantining the offending code but is largely useless in actually protecting computers from being infected in the first place.
This is why application whitelisting is vital as a proactive solution. Using both in tandem can leave you with an extremely secure network that is protected against malware and viruses however they might be introduced (targeted attacks, USB sticks, or malicious attachments to emails).
Whitelists are widely used in website blocking and spam email management. Employing an application whitelist to protect your computers from malicious code that tries to run or install is a logical step to take in the fight against malware.