Security Appliances: New Strides in Preventing Intrusions
Content provided by IBM-ForwardView eMagazine .
Combining the strengths of several computer protection products, security appliances are powerful tools that stand between your IT system and a host of worms, viruses and malicious intruders. While these devices can repair damage inflicted by security breaches, their real value comes from preventing costly attacks from occurring in the first place.
Computer crime takes a big bite out of business productivity. According to the most recent FBI/CSI survey on computer crime, hackers were responsible for over $23 billion in losses in 2006-and there is little evidence to suggest that this alarming trend will be reversed in the near future. But security appliances, which incorporate an array of security functions, now give SMBs the ability to ward off security breaches without breaking the bank or hiring more IT staff.
It's an important development, says David Puzas, business line manager for IBM's Internet Security Services division. "SMB organizations typically have not had the level of protection that large enterprises have had in the past," he says.
The devices-which really are appliances with their server-like design-can address security far more effectively than several independent pieces of hardware and software. This is critical for SMBs for a number of reasons. Computer crime affects not only profitability but also reputation and credibility. If, for example, a security breach occurs at your business and customer information is stolen, this may seriously damage the customer goodwill and relationships that you have worked hard to develop.
Then there are downtime issues. Any virus, worm or cyber attack that makes its way into your business can cripple operations for hours-or even days-while your IT staff and consultants struggle to get things back up and running again.
Situations like these can make SMB managers wish they could go back in time and do things differently. But the more logical approach, taken by security appliances, is to ensure that these situations never occur in the first place.
Combining products bolsters security strength
Security appliance design goes a long way in preventing attacks; these devices incorporate several security products into a single hardware device. Among the products typically included are antivirus software, intrusion detection, firewalls, network security software, and scanning capabilities-all of which work together. In comparison, stand-alone security devices operate independently of each other. So unless an SMB happens to have dedicated IT security staff to keep everything is sync, these isolated products can leave a business vulnerable to attacks.
A security appliance usually costs far less than purchasing several stand-alone security products, too. The combination of low cost and high efficiency in safeguarding IT assets is critical for cost-conscious SMBs, says Puzas. These appliances automate otherwise time-consuming and expensive security measures needed to ward off and repair all manner of attacks, such as pharming, phishing, viruses and worms. "It's not like attacks take time off-they don't stop after five and then start back up again at nine o'clock in the morning," Puzas says.
Prevention leads to operational cost savings
While security appliances perform numerous functions, their central value lies in preventing increasingly sophisticated attacks. "If you look at attacks over the last two years, they've simply been able to bypass antivirus software and firewalls-and then they're on your network causing damage," Puzas says.
Traditional methods of fixing these problems simply take too long, he continues-which can leave an SMB suddenly incapable of transacting business. He explains this by illustrating the limitations of reliance upon a single security product, and uses antivirus software as an example. "For antivirus to be effective, it has to actually see the virus, and then defenders have to reverse engineer a patch," he notes. "But at that point, it's very reactionary, because something bad has already occurred."
The security appliance approach is designed to prevent these problems from occurring in the first place, Puzas says. "Implementation of a multilayer type of approach to security-where you deploy antivirus, firewalls, and intrusion prevention technologies-is the best approach, because you're not strapped with having an attack and applying a patch like you would have to with antivirus."
Security appliances strengthen business operations
Security appliances also allow businesses to concentrate on their core competencies instead of worrying about IT issues, Puzas says. Specific areas of operation can also take advantage of these devices, he adds-with efficient business continuity topping the list. According to Puzas, the appliances can help keep systems-and employees-working away, despite the number of threats that can cripple a business. Plus, sudden requirements for extra bandwidth demanded by reactive, stand-alone security solutions are eliminated, allowing SMBs to use computing power for business applications-while IT staff spends less time managing security issues.
"Meeting regulatory compliance is one of those things that security provides," Puzas adds-and points to credit card transactions and customer protection as areas where security appliances excel. Plus, these appliances often are capable of reporting on a company's overall security measures, which is an important requirement for regulatory compliance.
Constant research meets new threats
Because security threats are continually evolving, most security appliances are continually upgraded to fight potential intrusions. How well these security devices can be upgraded to meet new threats depends on the vendor's commitment to vulnerability research, Puzas says. Security research for these devices, he explains, should ideally consist of finding weaknesses in the most widely used operating systems and applications-as well as determining how these technologies are used in specific industries.
Managed services strengthen security appliance power
Ensuring that these appliances are kept up-to-date is more easily achieved by outsourcing the job to security services, Puzas says. "It's one thing to buy a box or a set of software-it's another thing to make it effective and get the most out of your investment," he explains. SMBs considering this option, he says, should look for vendors with strong security research backgrounds and the ability to upgrade security solutions remotely at any time.
"You can't be everywhere all the time," notes Puzas as one of the challenges SMBs face in securing their IT assets against intrusions. He also cautions, "You can never be 100 percent secure." But with security appliances, SMBs can take a significant bite out of computer crime-while protecting IT investments, profitability, and reputation.
Content copyrighted by IBM Corporation.