Organisations can train users all day, every day, but humans are humans. It’s never possible to train 100 percent of users to identify and never click on an (unknown) malicious link, or open a potentially harmful email attachment.
These words of caution come from Greg Wyman, APAC Regional VP, Bufferzone Security.
He says that all it takes is for one user to visit one website (which they thought was ‘clean’), click a single web link, open one email attachment or download one file from a website… and potentially have a hacker or ransomware inside the organisation. Although phishing training is critically important, it is only a superficial layer of protection.
Hackers and attackers prey on the oldest human traits of greed, necessity, kindness, urgency or fear, to encourage a (targeted) user to click a link or open an email attachment.
So how does business ensure that users are not compromised by simply doing their work? The answer is surprisingly simple. It is about isolation, containment and elimination, or ICE solutions for short.
Imagine if every time users browse the internet, click a link, download a file or open an email attachment these are all opened in a low impact, secure virtual container located at the endpoint.
Any malware, ransomware or hacker code is isolated in that virtual container and, quite simply, it cannot escape to infect the rest of the organisation. To eliminate the malicious malware, simply empty the container and it all disappears.
The next challenge is how to bring files such as Word, Excel, Powerpoint, pdf’s, png’s and so forth from untrusted or unknown external sources such as the web and emails into the business, and ensure there is no hidden or embedded malware in any of those documents?
Again, the solution is remarkably simple. All inbound files should be broken down to their barebone known good components, then immediately reassembled using only the known good, industry standard components. This leaves behind in the secure virtual container all macros, VB scripts, hidden or embedded objects and malware.
The document is visually identical to the original but does not contain malware. Any malware is isolated in the escape-proof container, and when this gets emptied all malware disappears.
The core to an ICE solution is to have minimal impact on the users’ machines, have minimal disruption to how users work, and for the sanitisation process to take just a few seconds, so that work and users are impacted as little as possible. They can click links, download files and open attachments with confidence.
The users are protected, and the organisation has prevented a potentially devasting malware attack. This is especially concerning today as 94 percent of data breaches start at the endpoint according to Verizon last year.
Realistically, it’s never possible to stop 100 percent of users from clicking a web link, downloading a file from the Internet or opening an email attachment, and that is where the latest in ICE solutions deliver compelling value add to existing endpoint security infrastructure and help to reduce cost and complexity while improving protection.
ICE solutions are designed to complement existing endpoint security products quickly and cost effectively, to improve effectiveness without the traditional cost and complexity, and to stop even the unknown, undetectable, never-before-seen threats attacking businesses of all sizes.
With ICE based solutions, users can click and download with virtually zero risk.