There is now a legal risk to organisations when their employees introduce inappropriate, lewd and pornographic content and images into the work-place through their misuse of Internet Access, Email and Information Technology facilities provided for them (please register for our briefing paper entitled “Legal Exposure from without and Within”).
The Internet contains a wide range of materials, some of which may be offensive or even illegal in many countries. Unlike traditional media, the Internet does not have any obvious tools for segregating material based on content. While pornographic magazines can be placed behind the counter of a store, and strip-tease joints restricted to certain parts of town, the Internet provides everything through the same medium.
Filters and ratings systems are seen as tools that would provide the cyberspace equivalent of the physical separations that are used to limit access to "adult" materials. In rating a site as objectionable, and refusing to display it on the user's computer screen, filters and ratings systems can be used to prevent children from seeing material that their parents find objectionable. In preventing access, the software acts as an automated version of the convenience-store clerk who refuses to sell adult magazines to high-school students.
A content filter is one or more pieces of hardware/software that work together to prevent users from viewing material found on the Internet. This process has two components:
The first content filters were stand-alone systems consisting of mechanisms for determining which sites should be blocked, along with software to do the filtering, all provided by a single vendor.
The other type of content filter is protocol-based. These systems consist of software that uses established standards for communicating ratings information across the Internet. Unlike stand-alone systems, protocol-based systems do not contain any information regarding which sites (or types of sites) should be blocked. Protocol-based systems simply know how to find this information on the Internet, and how to interpret it.
One of the biggest problems with antivirus technology is that, unlike many other security technologies, you cannot reliably use multiple antivirus applications on a single machine.
The invasive and probing techniques used in the process of looking for and removing viruses from a system often resemble the activities of viruses themselves, so running multiple antivirus applications on the same machine will usually result in one antivirus client mistaking another for a virus and vice versa.
The answer is to use different brands of antivirus spread across the IT infrastructure, ensuring that there is antivirus coverage on file servers, gateways and desktops/laptops, by using different brands on each to limit exposure resulting in a failure in any one make of antivirus. This three tier approach to antivirus is known as “Best Practice AV Deployment”.
But all this remains useless unless the applications are kept up-to-date. So prevalent are viruses that major antivirus vendors find themselves issuing def file updates (a def file is a database of known viruses and behavioural information to assist in heuristic scanning) on a daily basis.
Mechanisms need putting into place to ensure that applications on all platforms are up-to-date.
Most vendors have enterprise management tools that can automate the distribution of def files, application updates and patches at login and in the background, as well as allowing centralised management of all users of a given antivirus application.
NTS’s approach is to reduce the administration headache wherever possible in an organisations infrastructure and to promote self managing/updating appliances where possible. We have partnered with the best of brand and best of breed manufacturers in this space to deliver an organisations total virus defence strategy.
         |
