The reality of malicious code and virtualization solutions

October, 03, 2013 Scott Martin

Even with my experience in the IT/InfoSec industry, I'm frequently amazed by the new and innovative lengths people go to with existing, old tools to try to protect their systems and intellectual property.  

It used to be: "All we need is Anti-Virus."  Those days are long past.  At the turn of the century, Firewalls became critical and a mainstay of physical security, defense-in-depth, rolled into the technology arena.  Now, Information Technology and Information Security departments have dozens of tools available for them from basic IP blacklisting to Content Filtering with proxies and DLP.  We've continued to add layers in an effort to keep the problem contained.

But this isn't a history lesson - it's a request for comments from those that are on the front lines.  If you're reading this blog, you're obviously interested in securing your system/network/infrastructure and protecting yourself from malicious code.  Perhaps you just had an 'event' and you're looking to see what you can do to prevent future events.

We recently published a white paper on how browsing the internet with traditional browsers (e.g. Internet Explorer, FireFox, Chrome, etc...) has become the single largest source of malicious code to user's systems.  We presented one method to counteract this avenue of attack (available on in the Company Downloads).  Doing some additional research on the subject (working on my next project), I've put together a survey that anyone can do to gather some real information on how others deal with malicious code.  My objective is to see if others are using Virtual Desktop Infrastructure or dedicated Virtual Applications for malware prevention and see what's current in the real world.

Full disclosure:  As a part of Spikes, Inc., this research is being used to make our product better.  

The survey will take a 4-9 minutes and would be extremely helpful to this research.  Feel free to pass this on to your associates or friends that may be interested in the results as well - the survey was designed to be taken at all levels of any organization.

I look forward to sharing the results of this research soon!  

Thanks in advance,

Scott Martin, CIO, Spikes, Inc.

Keep informed.