Zero-day protection pointers

Industry analysts and security practitioners agree that the best way to protect against a zero-day threat is by instituting a defense-in-depth security strategy – layered protection from the firewall and network edge down to the host system. Security experts offer these recommendations for IT managers to consider when the organization is faced with a zero-day threat:

Monitor network behaviour. If you haven’t already done so, implement advanced intrusion prevention technologies, such as behaviour-based blocking tools, suggests Symantec’s Dean Turner. Behaviour-based intrusion prevention detects anomalies in the behaviour of a program, and works better at detecting zero-day attacks than traditional signature-based antivirus does.

Stay away from targets. You can better protect your organization by running less common applications, says Mikko Hypponen, chief research officer at F-Secure Corp. Instead of using Outlook for e-mail, for instance, consider using Eudora or Gmail. The more diversity there is in your applications, the better protection you will have against zero-day exploits.

Do an inventory. Know what systems are running where and make sure that all patches are up to date, says Turner. The longer a system sits unpatched, the more likely you are to be a target of an attack. Do what’s necessary to ensure that you are constantly informed of new vulnerabilities and exploits, he adds.

Know your weakness. Rigorous penetration testing of your IT systems can help uncover unknown vulnerabilities, says Forrester Research’s Chenxi Wang. Understanding where you’re vulnerable, and therefore knowing where the risks lie, is extremely important and will give you an idea of where you can improve your security.

When in doubt, ask. Seek guidance from your security vendor, says F-Secure’s Hypponen. You can also get insights from independent IT security organizations, such as the SANS Institute, which usually releases recommendations on various IT security issues.

Be quick. Once a patch is available, test it and roll it out as quickly as possible, says Symantec’s Turner.

Consider deploying a Web application firewall (WAF). This tool protects Web-facing applications and blocks malicious requests, explains Wang. WAFs with sophisticated learning capabilities can effectively block nascent threats. The Forrester analyst adds, however, that rigorous secure coding practices are still the best way to mitigate zero-day risks.
