Posture??
No not that kind of posture.
We're talking about your Internet
Security Posture...
Don't know...? Perfect, you're in the right place.
We're here to help you learn what the different security postures are and how they affect you.
The good news is that there are really only two kinds of security postures out there:
Default Allow and Default Deny.
This worked really well in the early days of the Internet when there were very few
Default Allow lets you download and run any file that isn't known to be BAD.
This worked really well when we knew exactly which files were good or just didn't have very many files to deal with, or if we were running a piece of hardware that just did one thing like take credit card.
White Listing won't let you download anything that isn't known to be GOOD.
The number of BAD (malware) files being created by hackers and bad actors is increasing at an exponential – and very alarming – rate. In 2015 there were 85,000,000...
Yes Eighty Five Million NEW malware files released into the wild,
that's over 232,000 new files every single day. That's a terrifying number. And even if you're constantly updating your blacklist, there's no way you can possibly keep up.
Yes... Traditional Anti-Virus applications and
technologies are Default Allow
Traditional AV applications would have to update the BAD list 232,000 times a day to keep up, could you imagine the prompts you would have to deal with in order to do this?
Bottom line: Someone's definitely going to get infected.
Let's talk about what people call Default Deny... (it's really just white listing, but more on that later).
Remember those old flip phones? They had a few little games and an app or two on them and you could download a few others but only from your carrier and maybe there were like 5 or 10 to choose from.
Well those few apps and games were effectively on your carrier's whitelist – they were known to be good and therefore you were allowed to download them without fear of being infected.
Yes... Old flip phones are White Listing
AND yes you didn't ever have to worry about being
infected.
BUT... You couldn't do much more than call people.
And you really had to enjoy Tetris™.
So which security posture are you currently using on your network and in your organization?
We're guessing it's Default Allow – which means any unknown file is allowed in to your network, making your chance of being infected VERY HIGH.
But White Listing??
Now you're probably thinking... "Hey, Tetris TM is fine and all, but I have other things I need to do. How do I protect my organization and get anything done?"
