037
CHECK POINT 2013 SECURITY REPORT
05
_ SUMMARY AND SECURITY STRATEGY
them when browsing the Internet or sharing sensitive
data. At the same time, security should be as seamless
and transparent as possible and should not change the
way users work.
Implementation of a security program should include:
An education program – ensuring that all users are
aware that systems are potentially vulnerable to attacks
and that their own actions may allow or help prevent
them.
Technology - advising people in real time as to why
certain operations are risky and how they could conduct
them in a secure manner.
Enforcement
Deployment of security technology solutions such as
Security Gateways and Endpoint software is critical
for protecting organizations from security breaches
and loss of data. Security Gateways should be installed
at all interconnects, ensuring that only relevant and
authorized traffic is entering or leaving the network.
This validation should be done in all layers of security
and on all communications, protocols, methods, queries,
responses and payloads using Firewall, Application
Control, URL Filtering, DLP, IPS, Anti-Virus and Anti-
Bot security solutions.