DOCSLIB.ORG

Sonicwall Enforced Client Anti-Virus and Anti-Spyware Software Automated and Enforced Anti-Virus and Anti-Spyware Protection

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Sonicwall Enforced Client Anti-Virus and Anti-Spyware Software Automated and Enforced Anti-Virus and Anti-Spyware Protection SonicWall Enforced Client Anti-Virus and Anti-Spyware Software Automated and enforced anti-virus and anti-spyware protection When you are facing multiple threats regardless of whether the endpoint Benefits: from multiple locations, you need is inside the corporate network or • Automated/enforced installation multiple layers of protection. A firewall’s outside connected via VPN. Virus and deployment gateway anti-virus solution provides the and spyware signatures are updated • Automated anti-virus and anti- first layer of defense at the perimeter, automatically, thus simplifying ongoing spyware client enforcement stopping most attacks before they enter administration and ensuring reliability. the network. But viruses can still enter SonicWall Enforced Client Anti-Virus and • Always on, automatic the network through multiple entry Anti-Spyware software is available for virus protection points. While protection at multiple purchase with the McAfee® or Kaspersky • Always on, automatic layers is the best defense, deploying, anti-virus engine. spyware protection maintaining and enforcing the right • On-demand and security software on the endpoint Features and benefits scheduled scanning devices can strain IT resources and Automated installation and budgets. This has created the need for • Comprehensive web- deployment of anti-virus and anti- based reporting a manageable, enforced network-wide spyware clients machine-by-machine solution that ensures all endpoints have across the network is enforced • License sharing the latest security software updates. by the firewall thus minimizing administrative overhead. SonicWall™ firewalls provide an innovative multi-layered anti-malware Automated by the SonicWall strategy consisting of its proprietary firewall, anti-virus and anti-spyware Reassembly Free Deep Packet client enforcement verifies that every Inspection® (RFDPI) anti-malware computer accessing the network has solution at the gateway and enforced the most recent version of anti-virus and anti-virus solution at the endpoints. anti-spyware signatures installed and When a non-complaint endpoint within active, eliminating the costs commonly the network tries to connect to the associated with desktop anti-virus and Internet, the firewall will redirect the anti-spyware policy management. user to a web page to install the latest SonicWall Enforced Client Anti-Virus Always on, automatic virus protection and Anti-Spyware software. The firewall keeps end-user productivity high and further ensures that all the endpoint security management low by providing clients are automatically updated with frequent anti-virus and anti-spyware the latest anti-virus and anti-spyware updates transparently to all desktops signatures without end-user intervention. and file servers. The software is easily deployed, automatically enforced and updated Spyware protection scans and blocks ® ® the installation of a comprehensive array network-wide on Microsoft Windows of spyware programs on desktops and devices through a powerful but easy- laptops before they transmit confidential to-use policy-driven engine. Because it data, providing greater desktop security is client-based and maintained across and performance. the network, it protects against threats On-demand and scheduled scanning Centralized anti-virus management • Excluded files and folders provides administrators with the and reporting • Manage approved programs list customization flexibility to choose SonicWall anti-virus policy management when additional scans are performed and reporting can be accessed through • Granularly configurable virus and and how frequently the software the web interface of the SonicWall spyware protection settings checks for anti-virus and anti-spyware firewall appliance. It reports detailed signature updates. Top reports enterprise-wide information such as coverage status summary, machines • Systems out-of-date Comprehensive web-based reporting provides information about the state updated, viruses cleaned, and spyware • Systems up-to-date of each user, historical data on past detected, deleted and quarantined, as • Viruses found and spyware detected infection detections, and information on well as the currency of .DAT, engine and product versions. each computer’s operating system. • Most-infected machines License sharing enables organizations Policy-based management • Detailed system reporting of with distributed networks of multiple • Scheduled and manual scan settings each machine SonicWall firewall appliances to • Configurable spyware allocate Enforced Client Anti-Virus protection mode and Anti-Spyware licenses to meet changing conditions. nternet nocement nternet access is not alloed hen a current ersion of SonicWall Enforced Client A ith the current irus signatures is not present 2 SonicWall fireall Automated deployment and proisions 1 on-compliant 3 ental management ompliant clients client onitors and manages SonicWall Enforced Clients netorkide, antiirus Antiirus and AntiSpyare policies, reports, top (cAfee and Kaspersky attacks, etc. 1 oncompliant client attempts to access the nternet 2 Access is denied and client is notified 3 SonicWALL Enforced Client Antiirus and AntiSpyare (cAfee and Kaspersky is installed and client becomes compliant Specifications Enforced Client Anti-Virus and Anti-Spyware Solution Supported platforms Features McAfee McAfee • Windows XP Home or • Can be deployed in Enforced Client Professional (with Service enforced and/or in stand- Number of users SKU Pack 2 or later) alone mode 5 user license (1 yr) 01-SSC-2743 • Windows Vista • Enforced through all 10 user license (1 yr) 01-SSC-2740 SonicWall firewalls (E-Class • Windows 7.1 Network Security Appliance 25 user license (1 yr) 01-SSC-2745 • Windows 8.1 (NSA), NSA and TZ Series) 50 user license (1 yr) 01-SSC-2741 SonicWall • Windows 2000 (with • Not enforceable; can be 100 user license (1 yr) 01-SSC-2742 Server Anti-Virus Service Pack 2 or later) deployed in stand-alone 250 user license (1 yr) 01-SSC-6948 mode and/or managed (McAfee)* • Windows 2003 using McAfee ePolicy 500 user license (1 yr) 01-SSC-6949 • Windows Server 2008 Orchestrator (not sold 1,000 user license (1 yr) 01-SSC-6950 • Microsoft Exchange by SonicWall) 2000/2003/2007/2010 SonicWall Server Anti-Virus/ Enforced Client Anti-Virus and Kaspersky • WinXP (Both 32 and 64 bit) Anti-Spyware Suite Enforced Client • Vista (Both 32 and 64 bit) • Windows 7.1 (Both 32 McAfee and 64 bit) Number of users SKU • Windows 8.1 (Both 32 5 user license (1 yr) 01-SSC-3419 and 64 bit) 10 user license (1 yr) 01-SSC-3420 • Windows 10 25 user license (1 yr) 01-SSC-3421 *Sold as part of SonicWall Server Anti-Virus/Enforced Client Anti-Virus and Anti-Spyware Suite McAfee which includes SonicWall Enforced Client Anti-Virus and Spyware (McAfee) 50 user license (1 yr) 01-SSC-3422 100 user license (1 yr) 01-SSC-3423 250 user license (1 yr) 01-SSC-6975 For more information on SonicWall’s suite of value-added security services including 500 user license (1 yr) 01-SSC-6976 gateway anti-virus, anti-spyware and intrusion prevention service, application 1,000 user license (1 yr) 01-SSC-6977 intelligence and control, comprehensive anti-spam service, enforced client anti-virus and anti-spyware and content filtering service, please visit our web site at sonicwall.com. McAfee: 2-year SKUs available. Visit sonicwall.com for more information. About Us Over a 25 year history, SonicWall has been the industry’s trusted security partner. SonicWall Enforced Client From network security to access security to email security, SonicWall has continuously Anti-Virus and Anti-Spyware evolved its product portfolio, enabling organizations to innovate, accelerate and grow. With over a million security devices in almost 200 countries and territories worldwide, Kaspersky SonicWall enables its customers to confidently say yes to the future. Number of users SKU 5 user license (1 yr) 01-SSC-5404 10 user license (1 yr) 01-SSC-5407 25 user license (1 yr) 01-SSC-5410 50 user license (1 yr) 01-SSC-5413 100 user license (1 yr) 01-SSC-5416 250 user license (1 yr) 01-SSC-5420 500 user license (1 yr) 01-SSC-5423 1,000 user license (1 yr) 01-SSC-5426 Kaspersky: 2-year and 3-year SKUs available. Visit sonicwall.com for more information. SonicWall, Inc. © 2016 SonicWall Inc. ALL RIGHTS RESERVED. SonicWall is a 5455 Great America Parkway | Santa Clara, CA 95054 trademark or registered trademark of SonicWall Inc. and/or its affiliates Refer to our website for additional information. in the U.S.A. and/or other countries. All other trademarks www.sonicwall.com and registered trademarks are property of their respective owners. Datasheet-EnforcedClientAntiVirus-US-KJ-22758-D60.
Load more

Recommended publications
  • Top 10 Cyber Crime Prevention Tips
    Top 10 Cyber Crime Prevention Tips 1. Use Strong Passwords Use different user ID / password combinations for different accounts and avoid writing them down. Make the passwords more complicated by combining letters, numbers, special characters (minimum 10 characters in total) and change them on a regular basis. 2. Secure your computer o Activate your firewall Firewalls are the first line of cyber defense; they block connections to unknown or bogus sites and will keep out some types of viruses and hackers. o Use anti-virus/malware software Prevent viruses from infecting your computer by installing and regularly updating anti-virus software. o Block spyware attacks Prevent spyware from infiltrating your computer by installing and updating anti- spyware software. 3. Be Social-Media Savvy Make sure your social networking profiles (e.g. Facebook, Twitter, Youtube, MSN, etc.) are set to private. Check your security settings. Be careful what information you post online. Once it is on the Internet, it is there forever! 4. Secure your Mobile Devices Be aware that your mobile device is vulnerable to viruses and hackers. Download applications from trusted sources. 5. Install the latest operating system updates Keep your applications and operating system (e.g. Windows, Mac, Linux) current with the latest system updates. Turn on automatic updates to prevent potential attacks on older software. 6. Protect your Data Use encryption for your most sensitive files such as tax returns or financial records, make regular back-ups of all your important data, and store it in another location. 7. Secure your wireless network Wi-Fi (wireless) networks at home are vulnerable to intrusion if they are not properly secured.
    [Show full text]
  • Trojans and Malware on the Internet an Update
    Attitude Adjustment: Trojans and Malware on the Internet An Update Sarah Gordon and David Chess IBM Thomas J. Watson Research Center Yorktown Heights, NY Abstract This paper continues our examination of Trojan horses on the Internet; their prevalence, technical structure and impact. It explores the type and scope of threats encountered on the Internet - throughout history until today. It examines user attitudes and considers ways in which those attitudes can actively affect your organization’s vulnerability to Trojanizations of various types. It discusses the status of hostile active content on the Internet, including threats from Java and ActiveX, and re-examines the impact of these types of threats to Internet users in the real world. Observations related to the role of the antivirus industry in solving the problem are considered. Throughout the paper, technical and policy based strategies for minimizing the risk of damage from various types of Trojan horses on the Internet are presented This paper represents an update and summary of our research from Where There's Smoke There's Mirrors: The Truth About Trojan Horses on the Internet, presented at the Eighth International Virus Bulletin Conference in Munich Germany, October 1998, and Attitude Adjustment: Trojans and Malware on the Internet, presented at the European Institute for Computer Antivirus Research in Aalborg, Denmark, March 1999. Significant portions of those works are included here in original form. Descriptors: fidonet, internet, password stealing trojan, trojanized system, trojanized application, user behavior, java, activex, security policy, trojan horse, computer virus Attitude Adjustment: Trojans and Malware on the Internet Trojans On the Internet… Ever since the city of Troy was sacked by way of the apparently innocuous but ultimately deadly Trojan horse, the term has been used to talk about something that appears to be beneficial, but which hides an attack within.
    [Show full text]
  • Civilians in Cyberwarfare: Conscripts
    Civilians in Cyberwarfare: Conscripts Susan W. Brenner* with Leo L. Clarke** ABSTRACT Civilian-owned and -operated entities will almost certainly be a target in cyberwarfare because cyberattackers are likely to be more focused on undermining the viability of the targeted state than on invading its territory. Cyberattackers will probably target military computer systems, at least to some extent, but in a departure from traditional warfare, they will also target companies that operate aspects of the victim nation’s infrastructure. Cyberwarfare, in other words, will penetrate the territorial borders of the attacked state and target high-value civilian businesses. Nation-states will therefore need to integrate the civilian employees of these (and perhaps other) companies into their cyberwarfare response structures if a state is to be able to respond effectively to cyberattacks. While many companies may voluntarily elect to participate in such an effort, others may decline to do so, which creates a need, in effect, to conscript companies for this purpose. This Article explores how the U.S. government can go about compelling civilian cooperation in cyberwarfare without violating constitutional guarantees and limitations on the power of the Legislature and the Executive. * NCR Distinguished Professor of Law and Technology, University of Dayton School of Law. ** Associate, Drew, Cooper & Anding, P.C., Grand Rapids, Michigan. 1011 1012 Vanderbilt Journal of Transnational Law [Vol. 43:1011 TABLE OF CONTENTS I. INTRODUCTION .............................................................
    [Show full text]
  • Cyber War and Deterrence Applying a General Theoretical Framework
    Cyber War and Deterrence Applying a General Theoretical Framework Capt Isaac Nacita, USAF Lt Col Mark Reith, USAF, PhD Disclaimer: The views and opinions expressed or implied in the Journal are those of the authors and should not be con- strued as carrying the official sanction of the Department of Defense, Air Force, Air Education and Training Command, Air University, or other agencies or departments of the US government. This article may be reproduced in whole or in part without permission. If it is reproduced, the Air and Space Power Journal requests a courtesy line. Introduction Military history, when superficially studied, will furnish arguments in support of any theory or opinion. —Paul Bronsart von Schellendorf In September 1870, after just six weeks of what many thought would be a pro- longed war, Prussian bystanders jeered Louis-Napoléon Bonaparte as he was carried to captivity in what is now Kassel, Germany. It was a fitting portrait of French na- tional disgrace.1 Their military structures before the war and lack of strategic plan- ning were partly to blame. National archivist Dallas D. Irvine points out, “it (the French system) was almost completely effective in excluding the army’s brain power from the staff and high command. To the resulting lack of intelligence at the top can be ascribed all the inexcusable defects of French military policy.”2 Never- theless, influenced by the idea that France had lost due to its lack of morale that an offensive approach would have provided, the military regrouped and refocused it- self, this time adopting “attaque á outrance.” This doctrine was French military strategy entering World War I, and it was almost immediately proved spectacularly wrong.
    [Show full text]
  • Study on Computer Trojan Horse Virus and Its Prevention ZHU Zhenfang
    International Journal of Engineering and Applied Sciences (IJEAS) ISSN: 2394-3661, Volume-2, Issue-8, August 2015 Study on Computer Trojan Horse Virus and Its Prevention ZHU Zhenfang to steal or viciously revise files, spy system information, steal various commands and passwords, and even format users’ Abstract— In recent years, the fast development of computer hardware. In addition, Trojan horse virus usually records network technology, has become an integral part of human’s life, keyboard operation by means of keyboard record, and then work and study. But with the popularity of the Internet, obtains the account and password of E-bank. Attackers can computer viruses, Trojans and other new terms have become some well-known network vocabularies. Studies have shown directly steal users’ wealth by obtaining accounts and that most users of computer are more or less suffered from passwords. On the other hand, Trojan horse can also cause the computer virus. So people must attach great importance to the native machine be affected by other vicious virus. network security problem. The paper studied Trojan virus. Paper first introduced the concept, characteristics and PREVENTION OF HORSE VIRUS categories of the Trojan virus and its harm, and then focused on the way and means of the Trojan’s spread. It introduced the According to the above introduction, we know that Trojan virus loading and hiding technology, too. Its last part Trojan horse virus is very dangerous. If we neglect the focused on the prevention measures, it put forward reasonable prevention, our computer may be easily attacked. For the suggestions to users, and paper also put forward prevention prevention of Trojan intrusion, Trojan intrusion should be advice to improve network security.
    [Show full text]
  • A Model of Stateful Firewalls and Its Properties
    A Model of Stateful Firewalls and its Properties Mohamed G. Gouda and Alex X. Liu1 Department of Computer Sciences, The University of Texas at Austin, Austin, Texas 78712-1188, U.S.A. Email: {gouda, alex}@cs.utexas.edu Abstract deployed in most businesses and institutions for securing private networks. A firewall is placed at the point of entry We propose the first model of stateful firewalls. In this between a private network and the outside Internet so that model, each stateful firewall has a variable set called the all incoming and outgoing packets have to pass through it. state of the firewall, which is used to store some packets The function of a firewall is to map each incoming or out- that the firewall has accepted previously and needs to re- going packet to one of a set of predefined decisions, such as member in the near future. Each stateful firewall consists of accept or discard. Based on how a decision is made for ev- two sections: a stateful section and a stateless section. Upon ery packet, firewalls are categorized into stateless firewalls receiving a packet, the firewall processes it in two steps. In and stateful firewalls. If a firewall decides the fate of every the first step, the firewall augments the packet with an ad- packet solely by examining the packet itself, then the fire- ditional field called the tag, and uses the stateful section to wall is called a stateless firewall. If a firewall decides the compute the value of this field according to the current state fate of some packets not only by examining the packet it- of the firewall.
    [Show full text]
  • Stateful Firewalls
    05 7376 ch03 2/11/05 2:14 PM Page 55 3 Stateful Firewalls THE FOCUS OF THIS CHAPTER IS ON STATEFUL firewalls, a type of firewall that attempts to track the state of network connections when filtering packets.The stateful firewall’s capabilities are somewhat of a cross between the functions of a packet filter and the additional application-level protocol intelligence of a proxy. Because of this additional protocol knowledge, many of the problems encountered when trying to configure a packet-filtering firewall for protocols that behave in nonstandard ways (as mentioned in Chapter 2,“Packet Filtering”) are bypassed. This chapter discusses stateful filtering, stateful inspection, and deep packet inspection, as well as state when dealing with various transport and application-level protocols.We also demonstrate some practical examples of how several vendors implement state track- ing as well as go over examples of such firewalls. How a Stateful Firewall Works The stateful firewall spends most of its cycles examining packet information in Layer 4 (transport) and lower. However, it also offers more advanced inspection capabilities by targeting vital packets for Layer 7 (application) examination, such as the packet that ini- tializes a connection. If the inspected packet matches an existing firewall rule that per- mits it, the packet is passed and an entry is added to the state table. From that point forward, because the packets in that particular communication session match an existing state table entry, they are allowed access without call for further application layer inspec- tion.Those packets only need to have their Layer 3 and 4 information (IP address and TCP/UDP port number) verified against the information stored in the state table to confirm that they are indeed part of the current exchange.This method increases overall firewall performance (versus proxy-type systems, which examine all packets) because only initiating packets need to be unencapsulated the whole way to the application layer.
    [Show full text]
  • Best Practices: Use of Web Application Firewalls
    OWASP Papers Program Best Practice: Use of Web Application Firewalls Best Practices: Use of Web Application Firewalls Version 1.0.5, March 2008, English translation 25. May 2008 Author: OWASP German Chapter with collaboration from: Maximilian Dermann Mirko Dziadzka Boris Hemkemeier Achim Hoffmann Alexander Meisel Matthias Rohr Thomas Schreiber OWASP Papers Program Best Practice: Use of Web Application Firewalls Abstract Web applications of all kinds, whether online shops or partner portals, have in recent years increasingly become the target of hacker attacks. The attackers are using methods which are specifically aimed at exploiting potential weak spots in the web application software itself – and this is why they are not detected, or are not detected with sufficient accuracy, by traditional IT security systems such as network firewalls or IDS/IPS systems. OWASP develops tools and best practices to support developers, project managers and security testers in the development and operation of secure web applications. Additional protection against attacks, in particular for already productive web applications, is offered by what is still a emerging category of IT security systems, known as Web Application Firewalls (hereinafter referred to simply as WAF), often also called Web Application Shields or Web Application Security Filters. One of the criteria for meeting the security standard of the credit card industry currently in force (PCI DSS - Payment Card Industry Data Security Standard v.1.1) for example, is either a regular source code review or the use of a WAF. The document is aimed primarily at technical decision-makers, especially those responsible for operations and security as well as application owners (specialist department, technical application managers) evaluating the use of a WAF.
    [Show full text]
  • Automatic Discovery of Evasion Vulnerabilities Using Targeted Protocol Fuzzing
    Automatic Discovery of Evasion Vulnerabilities Using Targeted Protocol Fuzzing Antti Levomäki Olli-Pekka Niemi Christian Jalio Forcepoint Forcepoint Forcepoint Helsinki, Finland Helsinki, Finland Helsinki, Finland [email protected] [email protected] [email protected] Abstract— Network protocol normalization and reassembly is Our goal is to find protocol reassembly problems in the basis of traffic inspection performed by NGFW and IPS middlebox traffic inspection. Most middlebox security devices. Even common network protocols are complex with products are proprietary solutions with no visibility into the multiple possible interpretations for the same traffic sequence. actual inspection process. The inspection behaviour also We present a novel method for automated discovery of errors in changes with signature updates, inspection policy changes and traffic normalization by targeted protocol stack fuzzing. These software upgrades. The inspection process is therefore a black errors can be used by attackers to evade detection and bypass box for testing purposes. security devices. The search space for different ways to send a network Keywords—network; intrusion prevention; evasion; fuzzing; exploit is large. The traffic for a relatively simple HTTP GET IDS; IPS; NGFW request is composed following at least the following specifications: I. INTRODUCTION •RFC 2616 – Hypertext Transfer Protocol HTTP/1.1 [3]. Network security devices perform real-time analysis on •RFC 793 - Transmission Control Protocol [4]. network traffic to detect malicious or unwanted traffic. •RFC 791 – Internet Protocol [5]. Intrusion prevention systems (IPS) and next generation firewalls (NGFW) are common examples of middlebox Many protocols also have commonly implemented systems that can alert and possibly terminate offending traffic. extensions increasing the complexity.
    [Show full text]
  • Guidelines on Firewalls and Firewall Policy
    Special Publication 800-41 Revision 1 Guidelines on Firewalls and Firewall Policy Recommendations of the National Institute of Standards and Technology Karen Scarfone Paul Hoffman NIST Special Publication 800-41 Guidelines on Firewalls and Firewall Revision 1 Policy Recommendations of the National Institute of Standards and Technology Karen Scarfone Paul Hoffman C O M P U T E R S E C U R I T Y Computer Security Division Information Technology Laboratory National Institute of Standards and Technology Gaithersburg, MD 20899-8930 September 2009 U.S. Department of Commerce Gary Locke, Secretary National Institute of Standards and Technology Patrick D. Gallagher, Deputy Director GUIDELINES ON FIREWALLS AND FIREWALL POLICY Reports on Computer Systems Technology The Information Technology Laboratory (ITL) at the National Institute of Standards and Technology (NIST) promotes the U.S. economy and public welfare by providing technical leadership for the nation’s measurement and standards infrastructure. ITL develops tests, test methods, reference data, proof of concept implementations, and technical analysis to advance the development and productive use of information technology. ITL’s responsibilities include the development of technical, physical, administrative, and management standards and guidelines for the cost-effective security and privacy of sensitive unclassified information in Federal computer systems. This Special Publication 800-series reports on ITL’s research, guidance, and outreach efforts in computer security and its collaborative activities with industry, government, and academic organizations. National Institute of Standards and Technology Special Publication 800-41 Revision 1 Natl. Inst. Stand. Technol. Spec. Publ. 800-41 rev1, 48 pages (Sep. 2009) Certain commercial entities, equipment, or materials may be identified in this document in order to describe an experimental procedure or concept adequately.
    [Show full text]
  • Informational Supplement Best Practices on Spyware Prevention and Detection the Internet Has Become a Popular Method for Both C
    Informational Supplement Best Practices on Spyware Prevention and Detection The Internet has become a popular method for both conducting business and managing finances through online banking relationships. While most financial institutions and some individuals have taken steps to protect their computers, many firewall and anti-virus software packages do not protect computers from one of the latest threats, “spyware” – a form of software that collects personal and confidential information about a person or organization without their proper knowledge or informed consent, and reports it to a third party. This informational supplement describes the various challenges and best practices related to spyware. Financial institutions should consider these recommendations to prevent and detect spyware on both bank-owned and customer computers. Spyware Infection Spyware is usually installed without a user’s knowledge or permission. However, users may intentionally install spyware without understanding the full ramifications of their actions. A user may be required to accept an End User Licensing Agreement (EULA), which often does not clearly inform the user about the extent or manner in which information is collected. In such cases, the software is installed without the user’s “informed consent.” Spyware can be installed through the following methods: • Downloaded with other Internet downloads in a practice called “bundling.” In many cases, all the licensing agreements may be included in one pop-up window that, unless read carefully, may leave the user unaware of “bundled” spyware. • Directly downloaded by users who were persuaded that the technology offers a benefit. Some spyware claims to offer increased productivity, virus scanning capabilities or other benefits.
    [Show full text]
  • Security Awareness Newsletter for Security Aware People News
    SecuritytheAwareness security awareness newsletter for security aware people News The Human Firewall Manifesto The 5 Principles of Being a Human Firewall Proactive Security Awareness How Human Firewalls Stop Cybercrime © 2021 The Security Awareness Company - KnowBe4, Inc. All rights reserved. Company - KnowBe4, Inc. Awareness The Security © 2021 The 5 Principles of Being a Human Firewall The concept behind the human firewall was built on the most critical aspect of security: people. When we talk about preventing data breaches and other incidents, we’re talking about protecting people, not computers. It’s easy to view data as some faceless, lifeless asset that resides on hard drives and servers. In reality, every bit of that data represents a person. Data equals someone’s identity—their digital DNA. And it’s not computers trying to steal those identities. It’s evil people. That’s why we need good human firewalls who remain vigilant in the fight against cybercrime. It’s the human firewall’s job to prioritize security in every facet of life and make the world a better place for everyone. How do you do that? By living and working according to these five security awareness principles: 1. Never make assumptions. Don’t draw your own conclusions. If you’re unsure of something, reach out. Ask. For example, if you find a USB flash drive, don’t assume someone lost it by accident. Turn that flash drive in to management so it can be analyzed for malicious software. 2. Stay alert. Situational awareness is the human firewall’s best friend. Keep your guard up.
    [Show full text]