Remodelling the fortress: responding to new freedoms and new threats in 2002 and beyond, presented at Virus Bulletin 2002

by Joe Donovan (Prudential Financial)

Tags: Security


Summary: Back in 1999, Prudential Financial embarked on a large-scale
enhancement of its anti-virus architecture. This process has
continued, with good results: In 2001, we were able to deflect the
majority of malware threats that bombarded all of us.

However, several viruses, most notably FunLove and Nimda, found the
chinks in our armour, while bringing home the sobering message that
current defenses may not work so well with new threats. While we
stopped Nimda-infected email attachments, we were not prepared for the
assault we sustained from the Internet, and from internally infected
IIS servers.

2001 brought some huge changes in our business and cultural model: we
are now a publicly traded company, operating in the harsh light of
Wall St. We are enhancing our e-commerce presence and relying more on
the Internet; 'Better, Faster, Cheaper' leads to innovative, less
monolithic business processes. We have opened up Internet access, with
all the rewards and risks this poses, to our associates. Mobile and
remote access increases our reach and our risk.

Our Anti-Virus procedures will also need to follow the 'Better,
Faster, Cheaper' model of performance in 2002. Our experiences last
year underscored a need for improvement in several areas of our
anti-virus architecture: metrics, management, and communication.

Cooperation among disparate business groups that don't always work
together becomes a necessity; what is the best way to leverage the
talent at hand? How do we apply security policies that protect while
not restricting legitimate business activity? What can we do with our
current anti-virus solutions and our network infrastructure to fight
off new threats? What new tools can help us?

This paper will define the challenges that we face in improving our
anti-virus architecture to combat present and future threats. However,
rather than just focusing on technology (hardware/software) solutions,
we will also discuss the 'soft' part of our defense perimeter; the
people, policies, and plans that bring everything together.

In the end, I hope to give the reader an idea of how we intend to
combat new threats to a large corporate IT environment, and to open
these plans to discussion, with the hope that they can be used and
improved upon.