The latest data breach research is out, and there are some eye-opening nuggets. According to Ponemon’s research, the average time to detection of a breach is 256 days – more than 8 months!!! The average per-record cost of a breach varies from as little as $126 in the media industry to $215 for financial services and $363 for healthcare… all while the overall cost of breaches keeps climbing and is now at $6.5 million in the US, or $217 per record.
Unpatched Systems are a Favorite Attack Vector
According to a Network World post, 90% of successful hacks are waged against unpatched computers. Since there are various unpatched systems with vulnerabilities as old as 3 years, attackers are using traditional attack vectors instead of spending expensive resources acquiring zero-day-exploit tools and techniques. By compromising endpoints through spear-phishing or malvertising campaigns, they capitalize on unpatched systems to exploit their vulnerabilities.
Use Sandboxing to Supplement Patching
Application patching is a good practice, but with so many applications it can become a daunting task. Therefore, patching is not the only answer in mitigating the endpoint security vulnerabilities. It needs to be combined with some kind of sandboxing application that contains the web browsing user’s experience and closes the zero-day-exploit vulnerability.
Sandboxing is a virtual application running the browser application. When the user is done, it closes and deletes any files that were associated with that session – thus containing and deleting any signs of malware that the user may have downloaded.
Desktop programs aren’t generally sandboxed. You can use virtual machines or sandboxing programs to keep the application from affecting the rest of your system.
- Virtual Machines. Programs like VirtualBox or VMware create a virtual hardware to run in a window on your desktop and restrict access to anything outside of the VM. VM programs also allow you to revert the operating system back to the previous state before installing any bad software.
- Sandboxie. Sandboxie is a Windows program that creates sandboxes for Windows applications by creating virtual environments to isolate programs. This is particularly useful for testing software.