Joseph Smith, Interim Director of IT, University of Maryland Eastern Shore

Endpoints Are Part of One Giant, Integrated System

  • Given the unlimited time and resources available to determined attackers, an active security strategy is the better approach against an enemy that has a built-in advantage.
  • A security strategy that combines activity monitoring, automated triggers, and limited endpoint functionality can quickly sacrifice endpoints to limit the spread of an attack.

“You need to look beyond simple definition-based, signature-based patterns to behavioral patterns. The attackers are smart. They know what you’re going to look for.”

To secure the collaborative IT environment that’s needed in a university setting, Joseph Smith, interim director of IT at the University of Maryland Eastern Shore, oversees a defense in-depth strategy that includes traditional perimeter-type defenses, limits functionality at user endpoints, and performs behavior analytics across the system. “The objective is to observe, catch unusual behaviors as fast as possible, and perform threat analysis based on the possible that could occur,” says Smith. Given the unlimited time and resources available to determined attackers, Smith believes a proactive security strategy is the better approach against an enemy that has a built-in advantage.

This is an excerpt from 10 Experts on Active Threat Management. The eBook was generously sponsored by CounterTack.