
Malicious software (malware) is easily the biggest network security threat facing financial institutions today, since cybercriminals target enterprises that hold a great deal of money or conduct a high volume of transactions on a daily basis. The growing malware threat has a profound effect on a company’s ability to maintain privacy, making the risks to organizations far more significant than before.
A network intrusion can cost an organization as much as $5 million, depending on the type of malware and information that was stolen, and the risks that companies face are not only financial. Organizations are trusted to keep private information secure. If that trust is broken, the resulting impact on the company's reputation can be severe. In fact, statistics show that organizations that face a major security breach have a 90 percent chance of going out of business within two years.
Therefore, it is important for financial institutions to build upon their firewalls and anti-virus programs with an Intrusion Detection and Prevention System (IDPS). A firewall alone is not enough to protect a network from a malware attack, because today's malware is advanced enough to leave a network vulnerable even with a firewall in place. An IDPS solution keeps these sophisticated malware threats outside of the network, and is supported by a team of security engineers who provide remediation options for security breaches. Intrusion Detection Systems (IDS) and Intrusion Prevention Sensors (IPS) are also helpful in keeping a firm safe from malware.
Just as federal regulators have made efforts to protect privacy through statutes such as HIPAA, Gramm-Leach-Bliley, and PCI DSS, compliance standards in the financial industry will soon make it mandatory for firms to have an IDS or IPS solution. For example, Massachusetts passed the "Massachusetts Privacy Act," which requires financial firms to have either an IDS or IPS. With the malware trend growing at an astronomical rate, some experts anticipate that all of the remaining 49 states will follow suit with similar legislation within the next two years.
Malware acts like a parasite on a network. A well-intentioned employee may accidentally download malware, such as Zeus (Zbot), from a website or open it via an e-mail attachment. When a computer in the firm becomes infected with the Zeus worm without an IDS, IPS, or IDPS solution in place, the worm is not recognized as a virus or a Trojan infection. It slips past the network security measures in place and actually hides against the firewall along with the firewall of the other computers in the network. It stays there, collecting the digital traffic and absorbing the private information passing through, including credit card numbers, account numbers, and social security numbers. The Zeus worm will send that information back to the host, who can then sell it to criminals.
Now, let's look at the same scenario, but with an IDPS solution in place. The Zeus worm attempts to sit up against the firewall in order to feed off of the network information. However, the IDPS acts like a bouncer standing outside of a bar: it detects the malware and prevents it from hanging out along the firewall.
With the PAETEC IDPS solution, the malware threat is caught at the company's security operations center before it reaches your network. The PAETEC security engineers identify what the malware is, find where it's located, and help customers fix the problem. Working in conjunction with a firewall, the PAETEC IDPS solution is a complete system that protects the network, while eliminating the need for its customers to hire additional IT staff, complete extra levels of certification, or incur capital costs associated with maintaining multiple security devices and information security providers.
The best way to secure an organization's data is to stay informed on threats, analyze vulnerabilities, and work with a partner that can help you build the layers of your security solution. With PAETEC IDPS, financial institutions not only get a network provider, but also a trusted teammate that can manage the security of the network. This synergy between solutions means greater business continuity for the customer and stronger protection from malware.
PAETEC, a FORTUNE 1000 company, is personalizing business communications for enterprises nationwide.
Biography
Rob Anderson is a Senior Product Manager at PAETEC, responsible for management and innovation of the company's line of security products. He is focused on the expanding demand for securing business networks, as well as security compliance. Anderson joined PAETEC in 2004. He graduated from Clemson University with a B.S. in Technical Marketing and Computer Science.
For more information, please visit www.usfst.com/article/paetec-idps/