PROMISEC: Not installed CESM? – Can you afford to be without it?

Without Rangers enforcing the rules, the forest quickly becomes littered with garbage limiting the traffic that can get through, fires are lit without precautions endangering the entire forest and visitors get lost endangering themselves and others around them. This is what your network looks like without CESM. The endpoints and servers in your network can become littered with backdoors like P2P applications or unauthorized Remote PC applications. Users may be using portable mass storage devices or wireless devices, unplugging them when a physical inspection takes place. Existing security clients that you rely on to protect your network may be disabled or out of date and you don’t even know about it. How may of us have had an audit done on our network only to find that at least a handful of PCs have had some sort of issue with their anti-virus client not working correctly?

This is just one of the many items that can be opening your network to threats that you have no way of knowing without doing a constant physical and electronic search of every endpoint and server in your system. Do you perform such a task on a daily basis? Of course not! We rely on a hodgepodge of security products to give us as much of that information as possible.

CESM, however, is the Clientless internal threat management technology that does this continuous inspection for you from the comfort of your own Security Operations Center. CESM is designed to give you full visibility and control of your entire network of endpoints and servers. Leveraging existing Windows Administrator rights, CESM gets deep down into each and every endpoint and server to retrieve all of the necessary information about what is installed or running and whether it conforms to the corporate security and usage policy. CESM does this at unparalleled speeds of over a thousand devices in less than 6 minutes. However, CESM is not just an inspection tool, it is a fully mature endpoint security management solution that remediates problems and maintains the correct operation of your endpoint security infrastructure. This includes enforcing security policies, maintaining compliance and ensuring that security clients have not been disabled or left out of date.

Without CESM in your organization, malicious applications (like Trojan Horses or Keyloggers) could hide under the normal detection patterns and silently transmit confidential data outside of the organization. Without CESM, you have no way of knowing that your users have not installed unauthorized applications and then removed them prior to an inspection or plugging their laptops back into the organization’s network. CESM identifies “fingerprints” of applications and devices even when a PC has not been connected to the network. CESM will identify any application that is downloaded that is not part of the company’s authorized baseline. Other solutions that lock down networks from downloading anything are far too limiting and adversely affect the productivity of the organization. Without CESM, you have now way of knowing if harmful processes are present that are corrupting files and rendering your information unusable. Without CESM, you would have to invest in four or five different products to achieve the same results and in most cases that would mean installing more that 2 or 3 clients for every machine you intend to protect. This alone is an overhead many IT administrators would like to avoid, but the cost of having to deploy so many disparate solution goes way beyond their purchase price; you would need to ensure there is no software conflict on the machines, for each solution there is a learning curve and training needed to run them and the ongoing costs of upgrading new versions. This also leads to hardware and memory upgrades as well as other hidden costs that add to the Total Cost of Ownership (TCO) of these disparate solutions.

CESM is clientless, so all of these issues are redundant, but the functionality it offers in its clientless deployment is far more comprehensive than the number of client based products that only fix one problem of the array of endpoint security issues.

CESM is also one of the most cost effective security products on the market because it doesn’t sap resources of an organization and offers administrators control of their network from their own desktop. This not only saves the time of the administrator from having to go physically to each endpoint and server to test and fix any perceived problems, but it also increases the productivity of users who no longer need to be taken off their PCs to allow for remediation to take place.

CESM is a self-remediation technology that fixes most problems automatically; others are fixed by the administrator using the CESM technology to send out specific fixes to problems needing intervention.

In summary, CESM is an essential technology that gives a company a front-line, heads-up view of their network with the opportunity to fix the problems it identifies before they become a security breach. This minimizes the expensive cost of recovering for a major security incident.
In addition it gives that extra layer of protection to ensure that your security apparatus if functional and operational. CESM runs 24x7 to ensure immediate identification of a machine falling from compliance.

In the table below we show the type of threat that can occur inside the network, what its business impact is and how it can get introduced into the network. These are all important to understand the nature of the problem and how CESM gives immediate and accurate answers upon which to act.

Contact Details
Nikolay Goloviznin
Sales Director Russia, CIS and Baltic States
T: + 33 (0) 1 4938 4444
F: + 33 (0) 1 4938 4445
M: + 7 903 799 60 34
E: nikolay.goloviznin@embraer.fr
www.embraerexecutivejets.com