According to Symantec’s recent Internet Security Threat Report (ISTR), 2010 was a record year for new security threats discovered. At the time of the report’s release, Symantec documented 6,253 new vulnerabilities over the year. Cybercriminals are always finding new and creative ways to attack networks, steal information and, usually, make money in the process. So why do channel partners need to know about the latest threats? Because your customers need to be protected, and you can be the one to provide that service and maximize on this opportunity.
Regardless of size, your customers can easily be targeted by all kinds of malware and threats – and, quite frankly, they probably can’t afford to fall victim and have their sensitive data compromised. You can be the one to educate them and provide them with solutions that will completely protect them. To help you with this, I’d like to share some data from our recent ISTR, as well as some thoughts around the importance of endpoint protection.
The Big PictureAccording to the ISTR, Symantec observed 286 million new threats in 2010, each one representing a unique malicious program that may target your customers. And these aren’t necessarily all the same types of threats we saw the year before. Instead, more and more Internet security threats target specific enterprises, involve social networking or focus on mobile platforms.
This new generation of threats requires a new way of thinking about protection. Which technology is really going to keep your customers safe against the latest malware and threats generated by cybercriminals?
Proper ProtectionThe key is reputation-based security, called Insight, a completely new security technology built by Symantec from the ground up. It was conceived of in 2007 and built from scratch over the past four years as a cloud-based service designed to create and host security/safety ratings for virtually every file on the Internet. Symantec began collecting anonymous data from users four years ago, and today, 175 million endpoints have contributed to Insight, providing the largest database with rich information on each application file.
Many security software vendors say they have file reputation systems, which typically consist of offering malware signatures in the cloud. In other words, they function by comparing files against a list of known malware – a list that is maintained on a server instead of on the computer to be scanned. This approach allows for faster reaction to new malware and, in some cases, for faster scans. However, cloud-based blacklists still require the security vendor to collect a new virus sample, analyze it and fingerprint it before they can offer protection via their cloud servers. They are unable to protect against entirely new threats that they have not received, analyzed and fingerprinted in their lab. Their blacklists in the cloud react faster – but they are still reactive, cannot address new threats and are focused only on identifying malicious applications.
Symantec's award-winning Insight technology doesn’t just have ratings for bad files; it has ratings for more than 2.3 billion – virtually every good and bad software file that exists. This system derives each file’s reputation rating not based on fingerprints, but by analyzing the results of billions of scans on tens of millions of systems. Insight knows whether the file you're about to download can be linked with infections. It knows whether the file has millions of users or has never been seen before. And it knows whether the file has been in use for weeks or months – or whether it was specially created just for you.
Beta ParticipationTo take advantage of Insight technology, you and your customers can sign up for the Symantec Endpoint Protection 12 beta here. By leveraging this new technology, you can protect your customers from threats like never before. Your customers turn to you as their trusted advisor. Show that you are on the cutting-edge by offering them the next generation of protection.
Randy Cochran is VP of channel sales for the Americas at Symantec. Monthly guest blogs such as this one are part of The VAR Guy's annual sponsorship program.