Joe Donovan, Prudential Financial
Back in 1999, Prudential Financial embarked on a large-scale enhancement of its anti-virus architecture. This process has continued, with good results: In 2001, we were able to deflect the majority of malware threats that bombarded all of us.
However, several viruses, most notably FunLove and Nimda, found the chinks in our armour, while bringing home the sobering message that current defenses may not work so well with new threats. While we stopped Nimda-infected email attachments, we were not prepared for the assault we sustained from the Internet, and from internally infected IIS servers.
2001 brought some huge changes in our business and cultural model: we are now a publicly traded company, operating in the harsh light of Wall St. We are enhancing our e-commerce presence and relying more on the Internet; 'Better, Faster, Cheaper' leads to innovative, less monolithic business processes. We have opened up Internet access, with all the rewards and risks this poses, to our associates. Mobile and remote access increases our reach and our risk.
Our anti-virus procedures will also need to follow the 'Better, Faster, Cheaper' model of performance in 2002. Our experiences last year underscored a need for improvement in several areas of our anti-virus architecture: metrics, management, and communication.
Cooperation among disparate business groups that don't always work together becomes a necessity; what is the best way to leverage the talent at hand? How do we apply security policies that protect while not restricting legitimate business activity? What can we do with our current anti-virus solutions and our network infrastructure to fight off new threats? What new tools can help us?
This paper will define the challenges that we face in improving our anti-virus architecture to combat present and future threats. However, rather than just focusing on technology (hardware/software) solutions, we will also discuss the 'soft' part of our defense perimeter: the people, policies, and plans that bring everything together.
In the end, I hope to give the reader an idea of how we intend to combat new threats to a large corporate IT environment, and to open these plans to discussion, with the hope that they can be used and improved upon.