A Positive Control Approach Can Limit Malware's Impact
During 2011, business and government organizations in the United States saw more attempted malware intrusions than in any previous year. Some of these intrusions were highly effective, damaging both the reputation and systems of targeted businesses. When it comes to the security of a company's computer systems, it is not true that bad press is better than no press at all. The public relations damage done to a business by word that private customer information has been compromised can be serious and long lasting.
One effective approach to limiting the impact malware can have on a network or system is to adopt a managed program model, in which visiting personnel from an IT company provide high-quality services to administer and maintain the security systems. Such a model allows for a "positive control" approach, in which traffic on the network, including the applications that are allowed to run, is tightly controlled. This approach is effective because, with less traffic on the network, malware has far fewer places in which to hide.
A Positive Control Approach in Action
In a positive control approach, any application that allows another one to ‘tunnel’ through it to reach the Internet is denied network access by default. Overriding such a denial requires the intervention of human IT staff, who can create exceptions for the programs truly needed for company workflow. Another approach is to allow the applications themselves but deny all tunneling actions by default. Both approaches, also known as ‘default deny’, can be highly effective at limiting malware's potential range of function.
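The two default-deny variants described above can be compared side by side. The following is an added illustration, not code from the article or from any product; the application names, user groups, the `Flow` record and the mode names are all assumptions made for the example.

```python
from dataclasses import dataclass

# Constructed catalogue of applications able to carry another application's
# traffic. The names are illustrative, not taken from the article.
TUNNEL_CAPABLE = {"ssh", "remote-desktop", "web-proxy"}

@dataclass(frozen=True)
class Flow:
    app: str          # application identified on the connection
    tunneling: bool   # True when another application is carried inside it
    user_group: str   # who started the connection

def decide(flow, exceptions, mode):
    """Return 'allow' or 'deny' for one flow.

    exceptions: set of (app, user_group) pairs approved by IT staff.
    mode 'deny-app':    tunnel-capable applications are denied unless excepted.
    mode 'deny-tunnel': applications run, tunneling is denied unless excepted.
    """
    excepted = (flow.app, flow.user_group) in exceptions
    if mode == "deny-app":
        risky = flow.app in TUNNEL_CAPABLE or flow.tunneling
    elif mode == "deny-tunnel":
        risky = flow.tunneling
    else:
        raise ValueError(f"unknown mode: {mode}")  # no silent fall-through to allow
    # Assumption: flows that are not tunnel-related are left to the rest of
    # the policy, represented here as 'allow'.
    return "deny" if risky and not excepted else "allow"

def evaluate(flows, exceptions, mode):
    """Decide every flow under one mode, preserving order."""
    return [decide(f, exceptions, mode) for f in flows]

# Constructed sample traffic and a single staff-approved exception.
SAMPLE_FLOWS = [
    Flow("ssh", False, "admins"),        # excepted application, plain use
    Flow("ssh", True, "admins"),         # excepted application, tunneling
    Flow("ssh", False, "sales"),         # tunnel-capable, no exception
    Flow("web-browsing", False, "sales"),
    Flow("web-proxy", True, "sales"),    # tunneling, no exception
]
SAMPLE_EXCEPTIONS = {("ssh", "admins")}

if __name__ == "__main__":
    for mode in ("deny-app", "deny-tunnel"):
        print(mode, evaluate(SAMPLE_FLOWS, SAMPLE_EXCEPTIONS, mode))
```

The third sample flow is where the variants differ: the first blocks the tunnel-capable application outright, while the second lets it run and blocks it only once it carries other traffic.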