Are Host-Based Security Systems Powerful and Important?

a laptop turned on with a "protection sign and a lense

a laptop turned on with a "protection sign and a lense

Many companies have moved over the last couple of years to a managed service provider who gives them a web hosting solution.   They have done so because they have been forced by a downturn in their bricks and mortar business to move to e-commerce, hence a need for a web hosting solution.

At the same time, IT has been under severe budget pressure and needs to find a cost-effective way to fund the transition while keeping the existing systems operational. They also have concerns about security, accessibility, support and future growth.

This brings to the fore the concept of Host-Based Security Systems.

 

 

 

What are Host-Based Security Systems?

 

Three devices connected and the protection sign infront of them

 

In large corporate networks, both network and desktop equipment must be kept up to date with security patches over perhaps several sites. Even in small networks auditing servers and desktops is a time-consuming and hence costly process.

 

It seems that new patches are appearing daily and keeping up to date is like pushing water uphill. It’s not just applying them, they need to be tested first, to make sure that unexpected software conflicts don’t arise. This means the application of resources to monitor and control the security environment, and the very real possibility of incomplete or mismatched patch management leaving vulnerabilities in network security.

The move to working from home and providing remote access to systems for staff and customers has also brought new challenges.  IT is no longer in control of what is attached to the network, and a rogue laptop or smartphone dropping malware onto a server could cause havoc.

 

The answer to re-establishing a secure perimeter is to move it to the host. Basing protection on the host using firewalls and malware protection systems means that there are far fewer places to monitor and control.  A further advantage is in preventing the spread of any malware that does make it through. Monitoring outgoing traffic can stop malware from spreading among other servers and user equipment. It can also stop data theft by preventing uploads to Cloud-based storage like DropBox.

In essence, adopting host-based security systems puts each server in its own sanitary bubble, and eases the management and control.

 

 

Host-based Security in a Windows Server Environment

 

Strictly speaking, host-based anti-malware systems are needed equally in both windows and open systems environments.

A problem in the past was keeping desktop anti-malware up to date.  Each desktop needed to be individually updated, usually during working hours.  As a result, some were updated, and some weren’t updated, creating loopholes in network security.

 

A further complication was that security was IT’s problem, ignoring the reality that most malware exploits happen because of user’s actions, malicious or simply in error.

With a move to Host-Based Security, anti-malware software and the associated updates can be pushed out to attached devices, and updates installed outside working hours, keeping all devices in step.

 

 

An HBSS example

 

If we look at the US Department of Defence as an example, their HBSS is not a single application, more of a suite of applications, each member of which is focussed on a particular aspect of security.

Obviously, they tend not to give out too much detail, but as of 2011, the suite had six major elements. Things will have changed, but the overall thrust of their HBSS will remain the same:

 

  • A Policy Auditor that checks verifies, and maintains computer policies on attached devices.
  • A Device Control module that manages USB attached devices. A common way to steal information is to copy it onto a flash drive, a device that can be easily concealed.
  • Rogue system detection. This module inspects new hosts attached to the network.
  • A Host Intrusion Prevention System, a very powerful firewall.
  • An Asset Baseline module that keeps all software up to the latest release and patch level; and
  • A reporting subsystem.

An HBSS in a commercial environment will have the same characteristics.

 

Secure Domain Hosting

 

A managed service provider like HostSailor operating VPS server environments has a clear interest in making sure that their security is of the highest calibre.  Each VPS instance needs to be secure from internal intrusion by other VPS users, and from external threats.

 

Customers need to be satisfied that their information, especially Intellectual Property and any financial information held as part of an e-commerce application is secure, and that appropriate policies and procedures are in place to do so.

 

That is where an HBSS is of especial interest to a managed service provider.  By moving to Host-based security they can manage the overall security environment for all customers and offer enhanced security for individual VPS instances.

 

It is especially suited to a managed antimalware environment.  All attached devices can be kept up to date automatically without any intervention, thereby ensuring maximum protection for customers

 

Conclusion

 

The new reality of post-pandemic computing, now largely based on working from home and remote access needs an HBSS to provide the level of security that users and customers want.

 

we are well aware of this, and our skilled and trained staff will be pleased to discuss your HBSS needs with you.

  • Share: