As enterprises grapple with the effects
of the ZoTob worm, network management solutions company MetaInfo has this
advice for businesses that wish to avoid similar situations in the future:
consider authenticating computers before they have access to core network
services, not after.

“More than 80 percent of the internal security breaches our customers
encounter are accidental,” said Grant Asplund, president of MetaInfo. “This
is due to the fact that most networks today allow computers unencumbered
access to the core services required in order to authenticate and verify the
systems. Worms, viruses and other malware can be unleashed in the few
seconds that it can take the network to authenticate a user, with
devastating effects.”

As with the ZoTob worm, laptops are typically the culprit for most malware
that finds its way on the network, said Asplund, and the user of the laptop
generally has no idea that it is infected. Anti-virus and other network
security software often deals with malware too late for many enterprises —
after it is on the network. However, to help prevent malware from ever
reaching the network, organizations should consider implementing network
endpoint access protection controls, which protect the network at the point
of accessing core network IP services such as DNS, DHCP and the TCP/IP
address every system requires, said Asplund.

With the company’s Meta IP software, MetaInfo has taken a unique approach to
endpoint access protection by adding an extra layer of protection at the IP
(Internet Protocol) level, which is a component of all computer networks.
Unlike legacy network systems such as those provided free in network
operating systems, Meta IP quarantines all computers trying to gain access
to core network services while it authenticates them and makes sure they are
safe to access the network. “By taking this approach, our customers are
able to eliminate most, if not all, of the accidental infections from
internal access,” said Asplund.

For further
information, please contact MetaInfo by phone at 206-674-3700 or visit the
company’s web site at