Special Edition is the blog for security testing business SE Labs. It explains how we test security products, reports on the internet threats we find and provides security tips for businesses, other organisations and home users.

Friday, 4 October 2019

Anti-malware is just one part of the picture

Beefing up security advice with facts

Latest reports now online for enterprise, small business and home users.

At SE Labs we spend our time testing things that are supposed to protect you but we also understand that securing your business, or your home network, is never as simple as installing one or more security products.

The risks are many and varied, but the ways to mitigate them are often most successful with a good dose of common sense as well as the appropriate technology. You just need to think things through carefully and make sensible decisions.

Fortunately, there are some schemes out there to help you through the process. In the UK small businesses might consider the Cyber Essentials certification, which helps you address the most common computer security threats.

The five technical controls involve securing internet connections; using security devices and software; controlling access to data and services; using protection from viruses and other malware; and keeping devices and software updated. All good advice and worth following, whether or not you want to achieve certification in the UK.

However, while the advice is good it not very specific. For example, you should install anti-virus software but neither the documentation nor the consultants you talk to will tell you to choose a good product. Any anti-virus will do, it seems!

A more international option is ISO 27001, which is a Standard covering information security management systems. Completely over-the-top for home users and small businesses, but ideal for enterprises and smaller companies that work with sensitive data, this certification puts IT security into a central role in the way an organisation operates. It doesn’t specify what sort of anti-virus, firewalls and other systems should be used, but it leads you to research further and consider the risks when choosing security solutions.

So, while testing is not the be-all and end-all of choosing a good security system, it can definitely help. The testing behind this report is conducted in the most thorough and transparent way and the results are used by consultancies and large businesses around the world to help with purchasing decisions. This free report gives you an insight into the sort of advice that these large organisations follow when building a good security system.

-

If you spot a detail in this report that you don’t understand, or would like to discuss, please contact us via our Twitter or Facebook accounts.

SE Labs uses current threat intelligence to make our tests as realistic as possible. To learn more about how we test, how we define 'threat intelligence' and how we use it to improve our tests please visit our website and follow us on Twitter.

This test report was funded by post-test consultation services provided by SE Labs to security vendors. Vendors of all products included in this report were able to request early access to results and the ability to dispute details for free. SE Labs has submitted the testing process behind this report for compliance with the AMTSO Testing Protocol Standard v1.1. To verify its compliance please check the AMTSO reference link at the bottom of page three of this report or here.

UPDATE (17th October 2019): The tests were found to be compliant with AMTSO's Standard.

Our latest reports, for enterprisesmall business and home users are now available for free from our website. Please download them and follow us on Twitter and/or Facebook to receive updates and future reports.

No comments:

Post a Comment