A reality of corporate life is economics, defined as the allocation of scarce resources. So, with finite budgets, what is an IT shop to do regarding malware protection outside of the data center?
While the prevailing opinion is that traditional anti-virus (AV) no longer works for contemporary threats, and the fact that mobile device management does not handle malware, EDR stands as the apparent silver bullet. However, most EDR solutions do not extend to the mobile space, and due to that a MTD may be the better investment to embark on first for a distributed enterprise.
Additional decision points include: industry, allowance of local admin rights, how distributed is the enterprise, usage of local drives vs EDM / ECM (e.g., SharePoint, network file shares), and the global network topology.
Showing posts with label ECM. Show all posts
Showing posts with label ECM. Show all posts
Wednesday, January 25, 2017
Tuesday, August 16, 2016
IPS vs EDR vs NAC vs RMS
InfoSec teams have only so much budget, so how does one decide on whether to spend on the outer perimeter or inner perimeter of an on-prem network?
Well, what industry are you in? Where are your critical systems and business processes?
If your org is not highly regulated, and you have critical systems (i.e., ERP) within your inner perimeter, then that should be your focal point.
While EDR, NAC, & RMS are all sexy technologies, they serve to protect the outer perimeter (e.g., laptops, workstations, file shares, business subnets). And while assets themselves, hopefully your IT folks have embraced the cloud and ECM / EDM (i.e., SharePoint).
For the inner perimeter, your data center, IPS, UEBA, TI, & ATP technologies may be used to protect your financial systems, etc. Now, these solutions aren't silver bullets, but there a start.
In this age of shadow IT, virtualization, and distributed workforces, priority should be your most critical digital assets.
Well, what industry are you in? Where are your critical systems and business processes?
If your org is not highly regulated, and you have critical systems (i.e., ERP) within your inner perimeter, then that should be your focal point.
While EDR, NAC, & RMS are all sexy technologies, they serve to protect the outer perimeter (e.g., laptops, workstations, file shares, business subnets). And while assets themselves, hopefully your IT folks have embraced the cloud and ECM / EDM (i.e., SharePoint).
For the inner perimeter, your data center, IPS, UEBA, TI, & ATP technologies may be used to protect your financial systems, etc. Now, these solutions aren't silver bullets, but there a start.
In this age of shadow IT, virtualization, and distributed workforces, priority should be your most critical digital assets.
Subscribe to:
Posts (Atom)