In the blog Documents: a Hackers Gateway to your Enterprise I discuss a new approach to reducing the risk of malware embedded in documents, as anti-virus solutions are no longer that effective.
The concepts introduced in the blog are now expanded upon in a Nexor Briefing document Preventing Document-Based Malware from Devastating your Business.
What is more, UK Government customers can purchase Nexor Merlin and the supporting implementation services from G-Cloud.
This last point “the supporting implementation services” is really important. Good technology fails, if poorly implemented. You service your car regularly, because you know that if you don’t keep the oil topped up, and replaced regularly, the engine in your car will seize up, not work and cost a lot of money in repairs. Security products are not that different. It’s the equivalent of buying a firewall, then configuring it to “let all traffic pass”. Such tools are only as good as the implementation / configuration and ongoing maintenance. Sadly too many people seem to overlook this and expect the security technology silver bullet to solve everything.
Note to consultants: please don’t pour oil into a security appliance – it’s a metaphor.