Tools for Protection
Technologies to Thwart Attacks
In the 1105 Government Information Group’s survey, respondents were asked to select the tools they turn to most to help reduce risks associated with a broad array of information security threats. Among the top tools leveraged by government audiences were the following (listed in alphabetical order):
*Anti-malware -- Software to prevent disruption of computer operation, gathering of sensitive information, or gaining unauthorized access to computer systems.
*Anti-spam -- Prevents the receipt of unsolicited bulk messages sent to customers indiscriminately.
*Anti-spyware -- Stops any software that is unknowingly installed on a computer to intercept or take partial control over the user's interaction with the computer, without the user's informed consent.
*Anti-virus -- Stops any program that can copy itself and infect a computer without the permission or knowledge of the owner.
*Authentication -- The process of determining whether someone or something is, in fact, who or what they declare to be, commonly achieved through the use of passwords.
*Content filtering -- Designed and optimized for controlling what content is permitted to a reader, especially when it is used to restrict material delivered over the web.
*Content management -- Combines antivirus, antispyware, anti-spam, web filtering, information protection and control, and other types of inbound and outbound content filtering for web, email, and instant messaging.
*Continuous monitoring -- Maintains ongoing awareness of information security, vulnerabilities and threats to support organizational risk management decisions.
*Data loss prevention (DLP) software -- Identifies, monitors and protects data in use, in motion, and at rest through deep content inspection and with a centralized management framework, designed to detect and prevent the unauthorized use and transmission of confidential information.
*Encryption software -- Transforms information using an algorithm to make it unreadable to anyone except those possessing the password to decrypt the data.
*Firewalls and virtual private network services -- General-purpose filtering of networking traffic using one or more packet filtering, inspection or proxy tools.
*Intrusion detection -- Provides continuous monitoring of networks and reacts to malicious activity. Compares current activity with a list of signatures known to represent malicious activity, and will also use other detection methods to discover unauthorized network activity.
*IP security -- A protocol suite for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session.
*Multi-function security devices -- Security appliances that perform multiple functions that may include UTM, secure content management, firewalls/VPN and/or intrusion detection/protection.
*Network access control -- Unifies endpoint security technologies, including antivirus, host intrusion prevention and vulnerability assessment, user or system authentication and network security enforcement.
*Personal firewalls -- Controls network traffic to and from a computer, permitting or denying communications based on security policies. Typically provides an application layer firewall.
*Remote desktop software -- Enables organizations to streamline and secure desktop management and control, reducing operating costs and delivering virtual desktop environments.
*Single sign-on software -- A property of access control of multiple, related, but independent software systems. A user logs in once and gains access to all systems without being prompted to log in each time.
*Tokens -- Provides authentication based on a password or PIN and usually an authenticator.
*Vulnerability software -- Looks for weaknesses in a system that might otherwise allow an attacker to violate the integrity of that system.