Kaspersky Endpoint Security For Business Sales Training (All Modules) - PDF

HOW TO SELL MORE…
… KASPERSKY ENDPOINT SECURITY

FOR BUSINESS SALES TRAINING
Giving you the What’s most important How we help It’s because Which ‘tier’ for Which types of business Additional Glossary
tools for success to your customers? customers we’re different… which customer? should you be targeting? Materials
Giving you the tools for success How the course will help you convert more leads
into sales:
Whether you’re new to selling Kaspersky Lab security solutions or you’ve been
selling our products for many years, this short training course will help you to • By focusing on the business issues that customers face — and avoiding ‘product-
‘position’ and sell Kaspersky Endpoint Security for Business more effectively — led messaging’ — you’ll be able to empathize with customers… and demonstrate
to the widest possible range of business customers. we’re ‘on their side’, ready with solutions to their pain points.
• Because every business suffers these same pain points… you’ll be able to prove
that Kaspersky Endpoint Security for Business delivers functionality that every
Here’s what we’ll cover: size of business needs… from small businesses to medium-size businesses
to multinational enterprises… regardless of which vertical market sector they
• The ‘pain points’ that customers need to address operate within.
• How we help to solve these business issues • You’ll be able to demonstrate that superior security can have a massive effect
on a business’s ‘bottom line’… and prove that Kaspersky Lab’s multi-layered
• Dispelling the myth about anti-malware solutions anti-malware technologies are more effective in defending businesses against
• The Kaspersky Lab difference — and how it generates benefits for customers attacks that can inflict severe damage on reputations, profitability and market
share.
• Which tiers of KESB suit which types of customers
• In addition, you’ll be able to show prospective customers that Kaspersky Lab
• Which business segments we should be targeting isn’t just about superior anti-malware… and that we’ve got business security &
• Links and tips for further viewing & reading management solutions that deliver an extremely rich set of functionality and
generate a wide range of tangible business benefits. This will help you to engage
with customers as a ‘strategically important supplier’ — and work towards
achieving ‘trusted advisor’ status in your customers’ eyes.
Make sure you pass the test!

After you’ve completed this course, there’s a simple test that you’ll have to pass
in order to achieve Advanced Sales Accreditation for Kaspersky Endpoint Security
for Business. Don’t worry… all the answers can be found in this course. So grab
a coffee, sit back, listen, take a few notes… and you shouldn’t have any trouble
getting top marks!
2 © 2015 Kaspersky Lab. All rights reserved

Deal with the issues | Business Continuity | Data Protection | Mobility | Regulatory Compliance | Reducing Operating Costs
What’s most important to your

customers?
At Kaspersky Lab, we’ve got a lot to be proud of:
World-class security expertise
• We have world-class security expertise at every level of the businessstarting with at every level of the business —
our CEO, Eugene Kaspersky. That’s why we’re a technology-driven company — starting with our CEO, Eugene Kaspersky
from top to bottom — and we’re recognized for our constant innovation.
• Over the years, our Global Research and Analysis Team (GReAT) experts have
been the first to uncover many of the world’s most dangerous malware threats Global Research
and targeted attacks. and Analysis Team
• Leading international organizations — including INTERPOL and Europol — have

invited us to work alongside them.
The most widely
• We’ve got an enviable track record in developing innovative, easy-to-manage Over 130 OEMs
respected industry
security technologies that deliver significant benefits for businesses… both in analysts
terms of protection and operational efficiency.
Leading international
• Independent tests show that our security products are more effective than other organizations
vendors’ offerings. We win more awards than any other security vendor.
• The most widely respected industry analysts — including Gartner, Inc… Forrester
Research… and International Data Corporation (IDC) — rate us as a leader within Developing innovative,
easy-to-manage security
many key IT security categories.
technologies
• Over 130 OEMs — including Microsoft, Cisco Meraki, Juniper Networks, Alcatel
Lucent and more — use our technologies within their own products and services.
We win more awards
than any other security
However, when we’re first trying to start a meaningful dialogue with a potential vendor
customer, these points are of secondary importance.
Because customers rightly focus on dealing with the issues that they face in
their working lives… we need to focus on showing how we make it easy to solve
those very same issues… before we later go on to explain a few things about our
best-of-breed products and our heritage as a leader in IT securit.

Deal with the issues that affect them

There are many issues or ‘pain points’ that can affect the success of every
business — whatever the size of the organization and whichever market sector BUSINESS
it operates within. So let’s consider some of the most challenging issues that all CONTINUITY
businesses have to deal with:
• Business Continuity — the basic need to minimize downtime and keep the
business running smoothly
• Data Protection — securing the business’s own information and sensitive data
that belongs to third parties
• Mobility — enabling remote access to business systems & data… without
compromising security REGULATORY DATA
• Regulatory Compliance — ensuring the business avoids penalties, prosecution COMPLIANCE PROTECTION
and negative publicity
• Reducing Operating Costs — meeting the ongoing need to ‘Do More and
Spend Less’
Later, we’ll consider how Kaspersky Lab helps to solve each of these issues for
our business customers… but, first, let’s take a closer look at each of these pain
points…
REDUCING MOBILITY
OPERATING
COSTS

Business Continuity
This is all about ensuring the business is able to continue its day-to-day operations:
• Ensuring all mission-critical processes can run… totally unimpeded

• Delivering the IT services that help employees to perform their work tasks
• Enabling interaction with customers, suppliers & partners — including online
DAMAGED
interaction REDUCED
RELATIONSHIPS
PRODUCTIVITY
WITH SUPPLIERS
With IT infrastructure underpinning almost all mission critical operations — the need
to avoid IT downtime is an essential element in ensuring business continuity.
LOST SALES
If IT downtime means employees can’t perform their work tasks — or the business’s
REVENUES
customers are prevented from accessing the company’s online resources —
the business is likely to suffer:
• Reduced productivity — as a result of disruption and delays affecting internal FINANCIAL

business processes PENALTIES
• Lost sales revenues — if customers can’t access the business online, they may
choose competitors’ offerings
• Financial penalties — for failing to comply with Service Level Agreements or
other contractual commitments
• Damaged relationships with suppliers — if payments are delayed or ‘goods-in
processing’ issues prevent deliveries
In addition, bad publicity about an extended period of downtime can significantly

damage a business’s brand image… and reestablishing the business’s good
reputation may take several years.

Malware’s devastating impact on business continuity

Malware infections can be a major cause of IT downtime and delays — and
reversing their damaging actions can distract IT departments from vital, strategic
projects. Although some infections may only slow down internal processes or make
the business’s website less responsive than normal, other infections can totally
disrupt essential processes or take the business offline.
Estimates suggest that — for small businesses — the average direct costs of
a malware infection are $50,000 per incident. However, if we add in the indirect
costs of lost sales and reputational damage, the total costs for each infection will
usually greatly exceed this figure.
For larger businesses, the costs of each malware infection incident can be much
higher.
So… malware-related downtime isn’t an option — for any size of business.
… but even anti-malware can damage business continuity

While only a few businesses fail to understand the need for IT security… sadly, some
others fail to realize that choosing the ‘wrong’ security solution can also have a
detrimental effect on business continuity.
Poorly designed, inefficient anti-malware solutions can absorb significant computing

resources… and that means the very anti-malware scanning processes that are
meant to be protecting a business — and helping to maintain business continuity —
could be severely hampering IT performance… slowing down internal processes for
employees and making the business’s website unresponsive for customers.

Data Protection
Today, businesses process and store massive volumes of information, including:
• Their own intellectual property

• Designs and ‘know how’ that are owned by business partners
CONFIDENTIAL,
• Confidential, personal information about employees PERSONAL
• Sensitive information about customers THEIR OWN INFORMATION
INTELLECTUAL ABOUT
Leakage of any of this data can be very damaging: PROPERTY EMPLOYEES
• The business’s competitive edge — that may have been achieved as a result of
significant investment in the development of new products and services — can be
totally lost if information finds its way into the wrong hands.
DESIGNS AND
• Business partners may sue for compensation if confidential details about their
‘KNOW HOW’ THAT SENSITIVE
designs and products are revealed.
ARE OWNED BY INFORMATION
• The business’s employees may seek legal recourse if personal data is not BUSINESS ABOUT
protected… and — in addition to financial penalties — this type of data leakage PARTNERS CUSTOMERS
can damage the business’s relationship with its entire workforce.
• Customers may sue the business if confidential information or credit card & bank
account details are leaked.
Again, just as malware attacks can lead to bad publicity, data leakage incidents can
significantly damage a business’s reputation… and dissuade potential customers —
even if the data leakage incident had no direct effect on them.

Mobility
Giving remote or mobile workers direct access to corporate data and systems — via
mobile devices, including smartphones and tablets — has become an essential part
of modern business.
Increasing numbers of businesses are also extending mobile access to include

Bring Your Own Device (BYOD) — whereby employees can use their own mobile
devices to access corporate systems. This brings additional benefits for the
business… including reduced costs and improved productivity. However, there are
issues that mobile access — and particularly BYOD — can introduce… especially
around the protection of confidential data.
The use of personally-owned mobile devices also greatly increases the chances of
other security problems — including the introduction of malware onto the corporate
network.
Furthermore, because BYOD lets employees choose the manufacturer and model
of device they use to access the corporate network, IT administrators are faced with
having to manage an almost endless range of devices and operating systems.

Regulatory Compliance
In most territories, regulators are placing increased demands on almost all types of
business. Furthermore, within some vertical market sectors — such as healthcare —
there are often additional regulations that must be complied with.
Companies that fail to comply with local regulations may be subject to financial
penalties and — in some cases — the company’s senior officials may be liable to
criminal charges that may result in custodial sentences. In some vertical market
sectors, failure to comply with regulations could also result in a business losing its
license to operate.
For multinational businesses, there may be many different regulations that apply
to the different regions that the business operates within — and they all have to be
complied with.
Obviously, compliance is an issue that affects most — if not all — operations across
a business. It’s a complex issue — and not one that any single product or policy can
fully address. Instead, every department within a business has to ensure all of its
processes and practices help to contribute to the business’s overall compliance.
This includes taking care to make the appropriate investments in Systems
Management and IT Security solutions — and ensuring the available product
options are adequately assessed, to evaluate whether they will deliver maximum
benefit in helping the business to achieve overall compliance.

Reducing Operating Costs

In recent years, the pressure for all businesses to ‘Do More and Spend Less’ has
been relentless. This affects every department within a business — including IT.
Obviously, the ‘Do More and Spend Less’ mantra means that security breaches —
and the very high costs associated with these incidents — are to be avoided at all
costs. Well… let’s make that almost at all costs. While security incidents have to
be prevented, businesses also have to ensure their choice of IT security product
doesn’t come with a high total cost of ownership and doesn’t place an excessive —
and expensive — load on the business’s IT administration personnel. So it’s
important that a business chooses IT security solutions that combine rigorous
protection technologies… plus ease of use and manageability.
Similarly, a well-designed systems management product can help to automate

everyday IT management tasks and ease the burden on IT administrators… which
helps to control overall operating costs.
Furthermore, some security solutions and systems management products can also
help to minimize the distractions that can impact the productivity of employees.

Dispelling the anti-malware myth | That’s enough about the myth... | Business Continuity | Data Protection | Mobility | Regulatory Compliance | Reducing Operating Costs
How we help customers

In this section, you’ll get a brief overview of how Kaspersky Lab’s security
technologies address specific pain points for businesses… but first, we need to deal
with myth and misconception in the security marketplace…
315,000
EVERY DAY
Dispelling the anti-malware myth
Despite what some vendors claim… anti-malware is not a commodity item. It’s
not a case of ‘any vendor’s anti-malware is as good as any other vendor’s anti 99,7%
malware’… far from it. 99,1%
At first sight, the difference between a product that stops 99.1% of malware and
one that stops 99.7% of malware may seem very small — but let’s take a closer look
at the figures.
Every day… at Kaspersky Lab, we detect more than 315,000 new items of malware.
So a 0.6% difference in malware detection & blocking means the product that is
only 99.1% effective is potentially letting 1,890 more malicious software programs
slip through onto customers’ systems… every day.
Over a period of a year, that’s an extra 689,850 malware items that a business
could be subjected to… and all for the sake of a 0.6% difference in anti-malware
performance. Faced with that unnecessary level of additional risk, it’s just a matter
of time before one of those malware items causes serious damage to the business.
Although that’s already a compelling argument for taking some extra care over the
selection of anti-malware products… even that’s not the full story about the risks
that some businesses are taking.
It’s not just a matter of the sheer volume of additional malware that can evade
detection… there’s also the question of the exact nature of those threats that are
continually slipping past the average anti-malware product.

The most dangerous threats to business … but why does the ‘commodity’ myth persist?
If we divide malware into known threats, unknown threats and advanced threats — Well, perpetuating the myth is in the interests of every vendor that can’t match
it’s the unknown and advanced threats that are both harder to block and are Kaspersky Lab’s performance in detecting and blocking malware. Because they
capable of doing the most damage. The reality is… that extra 0.6% that we protect can’t beat us where it matters — in the vast number of independent tests that we
against could be the most important threats that businesses need to avoid. They’re participate in — some vendors may try to pretend that relative performance is no
some of the most dangerous and most destructive items of malware… including longer important.
Advanced Persistent Threats (APTs) that relentlessly target individual businesses.
Whereas some vendors focus on blocking known threats and other vendors focus
So… anti-malware is not a commodity item. Not all anti-malware solutions are on APTs… our technologies protect against all classes of malware… and that’s one
equal… and that extra 0.6% — that we can detect versus some competitors — can of the reasons why we achieve greater success in reviews and tests.
mean a massive difference to our business customers.
Closer to home, here’s a story from one of our own sales team
What’s all the fuss about APTs?
Before joining Kaspersky Lab, he spent 7 years successfully selling one of our
If you’d like to learn more about why APTs are getting so much coverage in the competitors’ products… but perhaps the competitors’ technologies were rather
press — and why they’re a hot topic for potential business customers — we’ve got less successful when it came to living up to their marketing department’s claims.
a short training module on APTs and how we protect against them. For the majority of his sales… within a few weeks of the software being installed,
he’d have to take a call from the angry customer — questioning him about why their
infrastructure had been penetrated by malware.
Since joining us in mid 2013… and selling a lot of Kaspersky Lab solutions to
businesses, he’s not had to deal with a single complaint about malware penetration.

That’s enough about the myth...

let’s get back to the real issues
BUSINESS
So… let’s take a closer look at how we help customers to deal with those pain
points that we considered earlier… CONTINUITY
• Business Continuity
• Data Protection
• Mobility
• Regulatory Compliance
• Reducing Operating Costs
REGULATORY DATA
COMPLIANCE PROTECTION
REDUCING MOBILITY
OPERATING
COSTS

Business Continuity
With nearly 115 million new malware items being unleashed in the last year, the
task of defending a business against infections is no trivial matter. The sheer
volume and variety of malware threats calls for multi-layered defenses that are
capable of protecting a business against:
• Known threats
KNOWN ADVANCED UNKNOWN
• Unknown threats THREATS THREATS THREATS
• Advanced threats
Kaspersky Lab offers integrated, multiple protection technologies that work

together — totally seamlessly — to defend against all types of malware.
Blocking known threats

Kaspersky Lab’s malware signature database is bigger and is updated much more
15,000,000
frequently than many other security vendors’ databases. These cloud-assisted
updates help to ensure known malware is effectively added to our ‘black list’ more
rapidly — so malware is prevented from launching on a business’s endpoints.
Further Kaspersky Lab protection against known threats includes:
• URL filtering — to protect against websites that contain malicious code

• Anti-Phishing — to guard against phishing attacks that try to steal money or
confidential information… including bank account details

Identifying & blocking unknown threats across their entire network — so traffic levels can be easily managed and ‘update
storms’ can be avoided.
Vulnerabilities — within applications or the operating system — are one of the
most common ways in which hackers and cybercriminals attack systems. These
vulnerabilities are effectively bugs inside the application software. Even though the
bugs may be known vulnerabilities, they can enable new, unknown threats… so all
vulnerabilities need to be patched as soon as possible.
APPLICATION
Kaspersky Lab’s Vulnerability Assessment and Patch Management functions are STARTUP
KASPERSKY CONTROL
an effective way of automatically finding known vulnerabilities on a business’s SECURITY
endpoints… and then automatically patching them… so hackers and malware can’t NETWORK APPLICATION
use those vulnerabilities as an open gateway into a business’s systems.
ACTIVITY
Patch Management can play a vital role in making organizations more secure. MONITOR
However, it’s an area that a lot of businesses struggle with… which means many
APPLICATION
businesses are failing to apply patches that have been available for months or even
PRIVILEGE
years. By automating the entire Vulnerability Assessment and Patch Management
CONTROL
process, we reduce the load on administrators and — most importantly — we rapidly
plug the security ‘holes’ that provide the entry point for the vast majority of malware
penetrations. HOST-BASED
INTRUSION
Businesses that think they’re doing enough… simply by applying Microsoft’s weekly PREVENTION
SYSTEM (HIPS)
updates… are leaving the door open for malware. All applications and operating
& PERSONAL
systems have to be monitored for vulnerabilities — and should have patches applied FIREWALL
as soon as they become available… instead of waiting for a weekly update. - What is Anti-Phishing?
- What is URL Filtering?
Our Vulnerability Assessment and Patch Management technologies don’t just
work with Microsoft software… they also work with a wide range of applications
from many other software vendors. We maintain our own Vulnerability Assessment
database and we gather valuable information from the cloud-assisted Kaspersky
Security Network — so we have up-to-date information on which vulnerabilities are Cloud-assisted anti-malware protection
being exploited and how dangerous each vulnerability is.
We also use the power of the cloud… as one of our methods of protecting
Whereas other vendors may offer only Vulnerability Assessment or Patch businesses against new, unidentified threats. The Kaspersky Security Network
Management tools, Kaspersky Endpoint Security for Business includes fully (KSN) collects anonymized, ‘live field data’ about malware and suspicious
integrated Vulnerability Assessment and Patch Management… and, by working behavior — from 60 million volunteers’ devices. This continual collection of
together, these technologies enable automatic discovery and elimination of depersonalized, real-time data about threats — from every corner of the world —
vulnerabilities. In addition, flexible settings let administrators schedule patching helps us to provide all of our customers with a more rapid response to new attacks.

Independent tests have shown our cloud-assisted protection can respond to new The team is constantly analyzing new cyberthreats. With this detailed
threats in as little as 0.02 seconds. understanding of new attacks — and the methods they use — we can provide our
customers with more efficient security… and deliver protection against advanced
Further protection technologies… against unknown threats threats much more rapidly.
Our Host-based Intrusion Prevention System (HIPS) and personal firewall help
administrators to manage and control both inbound and outbound traffic on their
network — and this helps us to prevent attacks by hackers. Administrators can set
parameters for individual ports, IP addresses or specific applications.
DYNAMIC
In addition, Kaspersky Lab’s flexible Application Control tools give a business WHITELISTING
granular control over how applications are allowed to run on the corporate
network — and this can be very valuable in protecting against unidentified threats:
• Application Startup Control — makes it easy for administrators to grant, block or

audit each application
• Application Activity Monitor — lets administrators monitor and classify each
application… as ‘untrusted’, ‘restricted’ or ‘trusted’
• Application Privilege Control — lets administrators manage whether an
application is allowed to access specific system resources, such as the file
system or the registry
Protecting against advanced threats

In many ways these are some of the most dangerous threats. However, they’re often
the most difficult to identify and to protect against… and that could be why so many
of our competitors seem to neglect these threats.
By contrast, Kaspersky Lab devotes significant research and development

investment to defending businesses against advanced threats. Dynamic whitelisting — helps enable a Default Deny policy
In addition to running our in-house Anti-Malware Lab, we’re the only security vendor
Advanced expertise… detects more advanced threats
that has invested in establishing its own Whitelisting Lab. So we simultaneously
Kaspersky Lab’s industry-leading IT security experts — the Global Research & monitor both suspicious software and ‘clean’ software. This boosts our
Analysis Team (GReAT) — are recognized for discovering more advanced threats and performance in locating advanced threats — while also helping us to avoid ‘false
targeted attacks than any other security vendor. positives’ for ‘clean’ software.

Our Whitelisting Lab receives commonly used applications from various sources Customers are about to get a whole lot more interested in Default Deny
on the Internet and uses intelligent systems to check each application for security
Gartner, Inc has stated: “By 2017, more than 50% of end-user PCs will be restricted
risks. Then, updates for our dynamic whitelist of applications are automatically
to running only apps that have been pre-inspected by a trusted authority or
distributed through the cloud-enabled Kaspersky Security Network onto our
corporate IT, for security and privacy risks — up from less than 20% today.”
customers’ systems — so our customers benefit from our latest whitelist data. Our
database of whitelisted applications already includes more than 1.3 billion unique
With this growing trend, the integrated Default Deny capabilities within Kaspersky
files — and the database is growing by a further 1 million files per day.
Endpoint Security for Business are becoming an increasingly important
differentiator versus other security vendors’ offerings.
Because so many new files appear every day, our Whitelisting Lab quickly detects
and classifies them… so we rapidly react to changes in the ‘global software world’.
That’s why we call it Dynamic Whitelisting. Further protection technologies… against advanced threats
We’ve also developed special technologies — including AEP and System Watcher —
By combining Application Control and Dynamic Whitelisting, we make it easy for
that specifically target advanced threats:
businesses to implement a Default Deny policy… whereby all programs are blocked
from launching — except those applications that the business totally trusts and has • Our innovative Automatic Exploit Prevention (AEP) technology helps to ensure
included on its whitelist of safe applications. malware can’t exploit vulnerabilities within the operating system or the
applications that are running on our customers’ endpoints. AEP specifically
It’s worth remembering that none of our direct competitors offer Default Deny
monitors the most frequently targeted applications — including Adobe Reader,
functionality as part of their standard security offerings. However, Default Deny is
Internet Explorer, Microsoft Office, Java and many more — to deliver an extra layer
provided — as standard — in Kaspersky Endpoint Security for Business — Advanced
of security monitoring and protection against unknown threats. AEP has even
and Kaspersky Endpoint Security for Business — Select.
been successful in blocking a number of Zero-Day exploits.
We’re the only security vendor that has established a whitelisting partnership with • When an application launches on a customer’s corporate network, our System
400 vendors — including Intel, Asus, MSI, Citrix, HP and many more. Each vendor Watcher technology will monitor the application’s behavior. If any suspicious
regularly sends us their latest software — often before it has been released on behavior is detected, System Watcher will automatically quarantine the
the market — so that we can add their newest applications to our database of application. In addition, because System Watcher keeps a dynamic log of the
whitelisted software. Again, this helps to reduce the incidence of false positives — operating system, registry and more… it enables the roll back of malicious
whereby ‘clean’ software is mistakenly identified as being malicious. For many actions that the new item of malware implemented before it was identified.
applications, we achieve a false positives rate of nearly zero… and that’s a major
efficiency benefit for businesses that are using Kaspersky Lab security.
We’re the only security vendor that has won all independent industry tests related
to Application Control and Whitelisting technologies — including tests by Dennis
Technology Labs, AV-TEST and West Coast Labs.

Data Protection
There are many ways in which valuable or sensitive information can leak from a
business — and potentially find its way into the wrong hands:
LOSS OR THEFT OF
5% 10%
• Stolen or lost laptops, smartphones and tablets
• Unauthorized copying of data onto removable storage devices TO
• Applications having inappropriate access to data — and sending data outside the
business OF BUSINESS LAPTOPS…
… and Kaspersky Lab has got security technologies that protect against all of these
sources of data leakage.
EVERY YEAR
BAR
Lost laptops and mobile devices
No matter how often a business warns its employees about the costs that can result
from data leakage incidents, the average business will still have to cope with the
loss or theft of 5% to 10% of its business laptops… every year. If we also consider
the compact nature of smartphones and tablets, these devices are even easier to
lose… or for criminals to steal.
Without some method of securing the data on missing laptops, phones and
tablets… there’s a lot of valuable, sensitive information that can leak out of a
business.
Data encryption converts files into an unreadable form — so information cannot

be accessed by unauthorized users. The data can only be ‘unlocked’ and viewed
by users that have the necessary decryption key. If all sensitive data on all laptops
and mobile devices is encrypted, the loss of a device will merely be a temporary
inconvenience — and the security of confidential data needn’t be compromised.

How we protect data on mobile devices

Kaspersky Lab’s Mobile Device Management (MDM) technologies make it easy
to enable and manage the encryption features that are included on most popular
mobile devices.
How we protect data on laptops

The most effective encryption solutions all tend to use industry standard encryption ENCRYPTION
algorithms — and Kaspersky Lab is no different. We use an AES encryption
algorithm with 256-bits of key length — to ensure strong encryption of confidential
data. In addition our encryption has been designed to be FIPS compliant.
We also provide a choice of encryption methods:
• File-Level Encryption (FLE) lets businesses encrypt individual files — so they can
be shared securely, across the business’s network
• Full Disk Encryption (FDE) makes it easy to run an ‘encrypt everything at once’
policy
• A combination of both FLE and FDE — on a system’s internal hard drive — lets
a business encrypt the entire hard drive… while ensuring individually encrypted FILE-LEVEL FULL DISK
files can be securely shared across the business’s network ENCRYPTION (FLE) ENCRYPTION (FDE)
… and all encryption and decryption processes are totally transparent to the user.
In addition, users can encrypt removable storage devices.

Although other data encryption solutions may offer similar functionality, there are Controlling the use of removable storage devices
important differences in how Kaspersky Lab’s data encryption — and other data
protection technologies — are managed… and these differences generate some Small, removable devices can be easily attached to computers — so businesses
major benefits for Kaspersky Lab customers: need to guard against the use of unauthorized devices that can be used to
steal corporate information or could be a source of malware. Our Device Control
• Encryption plus other security technologies — including anti-malware, Application technologies make it easy for a business to:
Control, Device Control and more — are all included within a single set of code
that has been developed in-house at Kaspersky Lab. This means all of our • Control the access privileges granted to devices. The business can set different
security technologies are seamlessly integrated with each other. privileges for:
• Don’t underestimate the value that this level of integration offers our customers. ◦◦ Different types of device
It plays a major role in ensuring stability and high performance… with a very ◦◦ Different device buses
low impact on computing performance. By contrast, the poorly integrated ◦◦ A specific individual device
technologies that some vendors offer within their products can impact IT
• Manage the times during which the business’s device control policies are in
performance and the business customer’s productivity.
operation — for example, to prevent the use of removable devices after office
• Encryption plus other security technologies — including anti-malware, Application hours
Control, Device Control and more — can all be managed via a single, unified
management console. … so data leakage — via removable media — can be avoided.
Again, this is a key differentiator… when compared with some vendors’ products
that have multiple different consoles for managing various different functions. Preventing applications sending data outside the business
Because every function within Kaspersky Endpoint Security for Business can be
managed via a single management console, customers gain greater visibility of As well as giving administrators the ability to block specific applications — or any
their systems and security… plus it’s much easier for administrators to set single of the 89 categories of applications in our database, such as games, multimedia,
policies that cover a wide range of vital security functions — across each different browsers and more — our Application Control technology goes much further than
type of endpoint. These significant manageability benefits help to reduce costs and many other vendors’ offerings.
‘free up’ administrators for other tasks.
Our Application Control tools can easily be configured to control whether specific
• Single sign-on — plus support for smartcards, tokens and non-qwerty applications are permitted to access specific files or folders.
keyboards — help simplify encryption for both users and administrators.
It’s important to note that, as Kaspersky Endpoint Security for Business offers an endpoint security
solution, we enable encryption for data that is stored on the endpoint — including PCs, mobile devices
and removable media. Other encryption functions — such as email encryption — are not included.

Mobility We make it easy for administrators to set up and enforce mobile security policies —
such as mandating the use of passwords on all devices that are permitted access
to the corporate network.
Although the need for mobile security may be a relatively new concept for some
vendors, Kaspersky Lab has long recognized the risks to mobile devices… and the It’s also essential that each device is capable of storing the user’s personal
data stored on them. We were the first security vendor to find mobile malware. That data… separately from business data. Our mobile security technologies include
was back in 2004 — when we found Cabir. So — compared with other vendors — Mobile Application Management (MAM) functionality that lets businesses set up
we’ve had a significant head start in mobile security. a special container for corporate applications and data… and it’s easy to enable
the encryption of all corporate data and ensure the device requests additional
Today, our mobile security technologies protect a wide range of mobile platforms — authorization before a containerized application is allowed to launch.
including Android (plus special support for Samsung’s SAFE criteria for secure
mobile devices), iOS, Windows Phone 8 and more — against the latest malware This containerization or ‘App Wrapping’ — which places corporate applications into
threats. Because we combine traditional, signature-based protection and proactive, an encrypted and isolated container — also simplifies security when a user leaves
cloud-assisted technologies, we can secure mobile devices against newly the business. If an employee resigns, all corporate data can be selectively wiped
discovered threats. from their mobile device — to prevent the leakage of confidential corporate data —
without deleting the employee’s personal data.
In addition to mobile anti-malware, we also provide:
• Application Control features that give a business control over which applications Dealing with lost or stolen phones and tablets
are allowed to launch on mobile devices that are permitted access to the
corporate network. Administrators can implement a Default Allow policy — that If a mobile device is lost or stolen, Kaspersky Lab’s remotely-operated security
only blocks blacklisted applications — or choose a Default Deny policy, so that features give administrators the ability to: Lock the device; Delete the corporate
only whitelisted applications are allowed to run on the mobile device data — or all the data — that’s stored on the device; Find the device’s approximate
location. If someone changes the SIM in the missing device, Kaspersky’s SIM
• Web Control tools that make it easy to block malicious websites and control Watch technology will automatically send the device’s new phone number to the
access to websites that don’t conform to a business’s corporate security or administrator… so the remote lock, find and data wiping features can still be
Internet usage policies — including social networking, recruitment, retailing, operated.
gambling and adult websites, plus proxy servers
• Technologies that can detect and report jailbreak or rooting incidents
Simplifying mobile device management (MDM)
... plus policy enforcement and anti-theft technologies that help to address the
Extensive MDM capabilities simplify the deployment of Kaspersky Lab’s mobile
additional issues that BYOD can bring.
security agent and any other applications that a business wishes to distribute
to mobile devices — either over the air (OTA) or via a tether. All Kaspersky Lab
Securing BYOD initiatives mobile security and MDM features can be centrally managed, from a single
administration console.
If a business’s employees are using their own devices to access the corporate
network, additional security technologies are required. Our MDM functionality includes support for: Microsoft Exchange ActiveSync; Apple
MDM Server; Samsung SAFE.

Regulatory Compliance
We’ve seen that Kaspersky Lab’s security technologies help to prevent the leakage
of confidential information — and, of course, that already addresses one very
important compliance requirement. However, there are additional technologies
within Kaspersky Endpoint Security for Business that help to support a business’s
compliance efforts.
Monitoring and managing software licenses

With corporate IT networks growing in complexity, the task of monitoring and
managing software assets has become much more difficult… and that can
introduce the risk of unlicensed or unauthorized software being installed on
systems — without the business realizing.
Because Kaspersky Endpoint Security for Business automatically discovers all

hardware and software in the business’s IT environment — and records all items
within hardware and software inventories — it’s easy to centralize software license
provisioning and to identify breaches of license conditions.
It’s worth noting that almost every business that runs our automatic discovery and
inventory generation tools is shocked when its first inventory report reveals the
full range of the applications that are running on the business’s infrastructure…
and many customers even discover that forgotten servers are still running in some
corner of their business!
Controlling who can access the corporate network

Because Kaspersky Endpoint Security for Business automatically discovers devices
that are present in the business’s environment, administrators can easily control
which mobile devices are allowed to access the business’s corporate network. At
the same time, administrators can check that each user’s device complies with the
business’s corporate security policies — and automatically block network access for
any user’s device that does not comply.

Reducing Operating Costs Remote troubleshooting and software deployment

Remote access features help administrators to achieve rapid resolution of
Kaspersky Endpoint Security for Business’s superior protection against malware problems on any computer on the corporate network — which helps to ensure user
obviously helps to eliminate the costs associated with malware infections. However, productivity isn’t impacted.
there are many other ways in which Kaspersky Endpoint Security for Business helps
customers to reduce costs. When new software has to be installed at a remote office, our systems management
tools let administrators use one local workstation as the update agent for the
entire remote site. This can greatly reduce the volume of traffic on the business’s
Systems Management… that boosts efficiency network… and speed up the installation process.
In addition to functions that improve security — by assessing vulnerabilities,

managing the implementation of patches and more — Kaspersky Lab’s Systems Web Control
Management tools also help administrators to automate a wide range of
provisioning and management tasks: Because the Internet can be a major distraction during working hours, our flexible
Web Control tools help administrators to:
Simplifying OS deployment
• Monitor and filter each employee’s web browser usage
Automatic features for creating and cloning computer images help to optimize and
simplify the task of deploying operating systems. Computer images can be stored in • Permit, prohibit, limit or audit users’ access to specific websites or categories of
a special inventory, so they can easily be accessed during deployment. websites — including games sites, gambling websites or social networking sites
• Apply controls at specific times of day — and apply different sets of controls to
Application provisioning different job roles
Similarly, we simplify the task of distributing applications across a business’s IT
environment. Administrators can deploy software on command — or according to
their own schedule… such as after working hours. The application deployment
process is also transparent to users — so user productivity is not impacted.

Highly integrated… for easier management and lower costs

As we’ve seen, multi-layered defenses are necessary to provide adequate protection
against today’s sophisticated malware and other threats. However, although ‘multi-
layered’ solutions can sound complex — and, deep inside, they really are — that
doesn’t mean multi-layered security solutions have to be complex and expensive to
manage.
Poorly integrated security solutions — that have not been developed with
manageability in mind — can be time consuming to install, configure and run… and
that leads to increased costs and a greater likelihood of human error and security
gaps. In some cases, vendors offer products that include elements that are not
at all integrated with each other. Instead, individual technologies operate in a
standalone manner — and multiple agents have to be installed and managed.
However, because all of the core technologies within Kaspersky Endpoint Security
for Business have all been developed in house — and are part of one codebase —
all functions are seamlessly integrated… for improved performance and easy
management.
This is a key differentiator for Kaspersky Endpoint Security for Business.
A single management console… for every function
If different security functions are poorly integrated within a protection product,

IT administrators may have to ‘wrestle with’ multiple management consoles and
protocols… just to apply a simple policy across several different types of endpoint…
and that can increase operating costs.
Kaspersky Endpoint Security for Business includes Kaspersky Security Center — the
centralized management console that gives business’s control over all Kaspersky
Endpoint Security for Business security technologies and systems management
tools. Because all functions can be managed from one console, Kaspersky Security
Center helps to simplify day-to-day security and systems management tasks… and
reduce operating costs.
Again, this is another key differentiator for Kaspersky Endpoint Security for
Business.

It’s because we’re different…

… that’s why our security is superior
Our combination of easy-to-manage, rigorous security technologies is unmatched
by any other security vendor… but that’s not the product of some ‘happy accident’… World-class security expertise
it’s the result of our totally different approach and company culture. at every level of the business —
starting with our CEO, Eugene Kaspersky
These differences ‘run deep’… they’re part of Kaspersky Lab’s Security Intelligence
DNA… and that DNA influences everything we do — and how we do everything.
Our Security Intelligence DNA has seven main elements… so let’s look at each in Global Research
and Analysis Team
turn — and see how, together, they help us to outperform other security vendors.
The most widely

Over 130 OEMs
respected industry
analysts
Leading international
organizations
Developing innovative,
easy-to-manage security
technologies
We win more awards

than any other security
vendor

Security that’s built on world-leading expertise… from the top down GReAT experts dig deeper into the threat landscape — to discover how new cyber
weapons operate and to devise innovative ways to defeat them. At any one time,
Whereas most IT companies are run by managers or accountants, Kaspersky Lab’s GReAT experts are researching several dozen complex, targeted attacks.
Chairman and CEO — Eugene Kaspersky — is a world-renowned IT security expert.
His understanding of malware detection and anti-malware technologies got the
company started — and, today, he presides over a world-leading security business
Committed to maintaining our ‘high hit rate’
that operates in 200 countries and protects over 300 million users.
Over the years, Kaspersky Lab has been the first to discover many of the most
sophisticated threats that cybercriminals have unleashed on the world.
No other IT security vendor can claim to have an IT security visionary at its helm.
Anyone who reads the IT press will know that Kaspersky Lab was the first to
While other companies can be swayed in direction — by short-term business
discover Flame, Gauss, mini-flame, Red October, NetTraveller, The Mask, Darkhotel
objectives that are set by the ‘money men’ — this is never an issue for Kaspersky Lab.
and many more of the most complex security threats. Ask yourself how many times
any of our competitors have featured in press reports about the first vendor to
Global intelligence — boosts local protection discover a new threat.
Because new malware is being released every second… from every corner of the Furthermore, despite the efforts of vendors that offer specialist anti-APT hardware
world… we recognize that speed and ‘global reach’ are essential in helping us products... Kaspersky Lab is still the company that’s recognized for discovering
to deliver effective security. That’s why we established the Kaspersky Security new APTs.
Network (KSN) — a global network of 60 million volunteers that have opted in to
let Kaspersky Lab receive information about potential malware and suspicious Neither politics nor geography influence our work. Because we’re totally
behavior on users’ devices. independent — and have a global vision — we hunt down threats… regardless of
where they originate or who they target. Furthermore, by publicizing our ‘finds’, we
Analyzing this real-time data — from worldwide sources — enables us to provide help to alert the whole world about new threats.
a more rapid response to newly identified threats… wherever they originate. So —
regardless of whether they opt in or opt out of KSN — all of our customers benefit
from a much quicker reaction to new malware… plus a low rate of false positives —
Respected by world-leading security organizations
so they can maintain productivity.
Because we’ve established a reputation for remediating malware attacks —
regardless of their origin or purpose — many of the world’s most respected security
Great… greater… greatest security organizations and law enforcement agencies have actively sought our assistance.
Our Global Research & Analysis Team (GReAT) is an elite group of IT security experts — In addition to INTERPOL and Europol… Computer Emergency Response Teams
strategically located in all regions of the world. Together, they form one of our most (CERTs) from across the world have also invited us to work closely with them.
important assets in the fight against the latest and most sophisticated threats. Naturally, we’re proud to help.
With industry-leading security researchers based in eighteen countries, GReAT No one gets asked to work alongside any of these organizations… unless they really
is constantly analyzing new cyberthreats and developing increasingly powerful know what they’re talking about — and have already proved they can deliver.
protection technologies.

Bigger investment in Research & Development During 2013, Kaspersky Lab products took part in 79 independent tests and
reviews… and the results were impressive:
We’re the world’s largest, privately held IT security company.
• We were awarded first place in 41 reviews
Because we’re privately owned, we’re independent and that means we’re free to • We achieved a Top 3 listing in 61 reviews
run our business without being constrained by short-term aims or having to change
direction in order to satisfy the demands of shareholders or the stock market. You’d be forgiven for thinking that it’s our anti-malware technologies that are
Instead, we can fund our threat intelligence activities on a massive scale… and singled out for awards and accolades. However, that’s not the whole story… a wide
then, when we’re developing innovative security technologies for our customers, we range of our protection technologies have won awards:
can be very agile and responsive in how we run those development projects.
• Application Control with Dynamic Whitelisting
As a technology-driven — not marketing-focused — company, we invest in research
and development at a rate that exceeds the industry average. • Mobile Security
• Systems Management and Patch Management
We take care to invest in our products… and they take care of our customers… so
our business success takes care of itself! • Secure Financial Transactions
… and, of course, Anti-Malware!

‘Organic development’ yields better security solutions
It’s also worth noting that three of the most respected industry analysts — Gartner,
Whereas other security vendors may seek to add new features to their products Inc… Forrester Research… and International Data Corporation (IDC) — describe
by acquiring other companies, we recognize that this approach can lead to poorly Kaspersky Lab as a ‘leader’. This ‘Triple Crown’ of recognition is a valuable
integrated products that are difficult to configure and manage. reminder that Kaspersky Lab delivers world-class security solutions.
Kaspersky Lab develops all of its own core technologies… and because those The fact that so many OEMs rely on our technologies provides further proof of our
technologies are developed and perfected by the same team, our products are position as a leader. With over 130 OEMs using our technologies within their own
more stable and more efficient in their use of our customers’ computing resources. products and services, there’s a high chance that the customer you’re talking to
With a single codebase, our products offer tightly integrated sets of technologies… already depends on Kaspersky Lab technology!
with none of the compatibility issues that can result when a vendor simply ‘bolts on’
new functionality — by acquisition.
Everything adds up to superior security
Proven leaders… and don’t just take our word for it
So those are the seven elements of our Security Intelligence DNA. Any one of
In tests run by independent labs, our products achieve a greater number of ‘top
them — in isolation — would be enough to make a difference… but by combining
scores’ than any other security vendor’s products.
all seven, Kaspersky Lab is an unstoppable force against cybercriminals and the
security threats they devise.

Kaspersky Endpoint Security for Business. Advanced | Kaspersky Endpoint Security for Business. Select and Core | What about customers that need even more…?
Which ‘tier’ of Kaspersky Endpoint

Security for Business… for which
BUSINESS
customer? CONTINUITY
As we mentioned earlier… because customers are mainly concerned with identifying

ways to solve specific business issues, our initial discussions with prospective
customers should primarily focus on how Kaspersky Lab technologies address the
following pain points:
• Business Continuity
• Data Protection REGULATORY DATA
• Mobility
COMPLIANCE PROTECTION
• Regulatory Compliance
• Reducing Operational Costs
The names of our products and the exact composition of each Kaspersky Endpoint
Security for Business tier are not relevant during early discussions. However, at
a later point in your conversation with a prospective customer, you’ll need to talk
them through the tier options that Kaspersky Endpoint Security for Business offers.
REDUCING MOBILITY
OPERATING
COSTS

Kaspersky Endpoint Security for Business — Similarly, if the prospect also already has an effective Mobile Security solution
(not just a Mobile Device Management application)… plus Systems Management,
Advanced Data Encryption, Endpoint Controls and Anti-Malware for File Servers… Kaspersky
Endpoint Security for Business — Core may be suitable.
Because all sizes of business face the same security risks… and these are risks
that can put a business’s very existence in danger… every business needs all of The benefits of ‘leading’ with the Advanced tier
the rich functionality that is included in Kaspersky Endpoint Security for Business —
Advanced. The point is… we should always start with the very valid assumption that the
customer needs all of the functionality that’s within Kaspersky Endpoint Security for
The Advanced tier of Kaspersky Endpoint Security for Business isn’t some kind Business — Advanced… unless there’s evidence to suggest the customer already
of luxury option that’s reserved for customers that have bigger budgets… there’s has some key security and management functions covered by other products that
nothing superfluous in Kaspersky Endpoint Security for Business — Advanced. they’re happy to continue using.
Yes… Kaspersky Endpoint Security for Business — Advanced delivers multiple layers This approach isn’t simply about maximizing sales revenues (although that is a
of protection… but every function and component technology is essential and aimed useful by-product in helping you to hit your sales target)… instead, it’s about offering
at making our customers more secure. So your focus should be on discussing the the customer more value — by addressing more of the pain points that we know
benefits of Kaspersky Endpoint Security for Business — Advanced… with every every business needs to solve.
business… in every vertical market… unless a specific customer already has some
security issues covered by other solutions. In addition, if you’re able to engage with the customer on a wider range of pain
points that we can help them with… it’ll help you to have more in-depth discussions
For example, if the prospective customer already has a far-reaching Systems with them… and your value as a supplier can greatly increase.
Management solution… and a Data Encryption product that has the necessary
flexibility to help them protect against different forms of data leakage… perhaps
Kaspersky Endpoint Security for Business — Select will be adequate. Here’s what’s included in
Kaspersky Endpoint Security for Business — Advanced
However, even if they already have some management technologies, it’s still
worthwhile checking that the Systems Management solution that they’re running • Anti-Malware and Anti-Phishing for Workstations
is capable of addressing all of the security issues that Kaspersky Lab’s Systems
• Anti-Malware for File Servers
Management functions cover… to ensure the customer isn’t missing out on any of
the vital, security-focused Systems Management functionality that Kaspersky Lab • Systems Management
offers — such as our rigorous Vulnerability Assessment and Patch Management.
• Data Encryption
Because our management functionality will readily work alongside other Systems • Mobile Security and Management
Management applications — and can be integrated into their reporting functions —
• Endpoint Controls
many businesses choose to use our Systems Management capabilities to
complement their main Systems Management solution… by adding extra focus to • Unified Management Console
the security aspects of management.

Kaspersky Endpoint Security for Business — Select Kaspersky Endpoint Security for Business — Core
In some regions, we also offer a tier below Kaspersky Endpoint Security for
Here’s what’s included in Business — Select. This lower tier… called Kaspersky Endpoint Security for Business
Kaspersky Endpoint Security for Business — Select — Core… still delivers our award-winning anti-malware technologies. However, it’s
worth remembering that, with today’s wide range of security threats, anti-malware
• Anti-Malware and Anti-Phishing for Workstations isn’t enough to protect against all risks — so we should avoid selling this tier…
• Anti-Malware for File Servers unless the customer already has all other security issues covered.
• Mobile Security and Management

Here’s what’s included in
Kaspersky Endpoint Security for Business — Core
• Unified Management Console
• Anti-Malware for Workstations
Which extra technologies are inside Kaspersky Endpoint Security • Unified Management Console
for Business — Advanced
… beyond those offered by Kaspersky Endpoint Security for Which extra technologies are inside Kaspersky Endpoint Security
Business — Select? for Business — Advanced
… beyond those offered by Kaspersky Endpoint Security for
• Systems Management
Business — Core?
• Data Encryption
• Anti-Malware for File Servers
• Systems Management
• Data Encryption
• Mobile Security and Management

What about customers that need even more

than Kaspersky Endpoint Security for Business —
Advanced already offers?
We also offer a range of Kaspersky Targeted Security Solutions — such as
Kaspersky Security for Virtualization and Kaspersky Security for Storage… and
these can be added to the customer’s Kaspersky Endpoint Security for Business
— Advanced implementation... with almost all technologies still being managed via
a single unified management console — Kaspersky Security Center.
In addition, we also offer a tier above Kaspersky Endpoint Security for Business —
Advanced. It’s called Kaspersky Total Security for Business and it delivers
everything that Kaspersky Endpoint Security for Business — Advanced offers… plus:
• Security for Mail

• Security for Internet Gateways
• Security for Collaboration
… and, again, if the customer needs to add security for virtualized environments
and security for storage, there are Kaspersky Targeted Security Solutions for each
of these requirements.

Large enterprises and multinational businesses | Mid-size and Small businesses
Which types of business should you

be targeting as part of your sales
strategy?
Some people in the IT security industry have made the mistake of thinking However, there are also specific reasons why Kaspersky Endpoint Security for
Kaspersky Lab’s business security products are best suited to small to medium-size Business is ideal for large enterprises… specific reasons why Kaspersky Endpoint
businesses. While it’s true that our security solutions are very well suited to small Security for Business meets the needs of mid-size businesses… and specific
and medium-sized business… that’s only part of the story. reasons why Kaspersky Endpoint Security for Business also offers significant
advantages for smaller businesses.
With all sizes of business having to deal with very similar pain points, Kaspersky
Endpoint Security for Business helps every type of organization — from small Let’s take a look at each in turn…
businesses to large enterprises — to address the following key issues:
• Business Continuity — by protecting against known, unknown and advanced

threats… to help eliminate IT downtime
• Data Protection — by encrypting data, controlling the use of removable storage
devices and preventing applications from sending data outside the business
• Mobility — by protecting devices and data, separating corporate information
from the user’s personal data, simplifying MDM and enabling remote anti-theft
features
• Regulatory Compliance — by monitoring and managing software licenses and
controlling access to the corporate network
• Reducing Operating Costs — by simplifying day-to-day systems management
tasks, controlling web usage and providing a powerful, single management
console that makes it easier to manage every security and systems management
function

Large enterprises and multinational businesses Here are three reasons why Kaspersky Endpoint Security for
Business is ideal for large enterprises:
Selling to this size of business isn’t an aim for the future… it’s something for the
• It’s a highly scalable security solution — able to protect the massive numbers of
here and now. Furthermore, we already have a proven track record of success in
endpoints that enterprises run
selling within the enterprise market.
• It can be tailored to meet specific infrastructure needs — by adding any of our
Many large-scale enterprises — that are recognized across the globe — are already wide range of Targeted Security Solutions, including:
using Kaspersky Lab security technologies to protect their mission-critical business
◦◦ Kaspersky Security for Virtualization
operations. These customers include:
◦◦ Kaspersky Security for Storage
◦◦ Kaspersky Security for Mail Server
• Telefonica
◦◦ Kaspersky Security for Internet Gateway
• International Atomic Energy Agency ◦◦ Kaspersky Security for Collaboration
• Axel Springer • It lets administrators set single policies that cover multiple security technology
• Ferrari settings… across multiple different types of endpoints
• Swarovski In addition, we offer a range of services that meet the needs of large enterprises
• TeleMadrid and mid-sized businesses, including:
• Russian Railways • Kaspersky Maintenance Service Agreement (MSA)

• Minol • Kaspersky Intelligence Services
• Wüstenrot • Kaspersky DDoS Protection
• Verbundnetz Gas AG
• Strabag
… and many more.
If you consider that over 130 OEMs also use our technologies within their own
products and services — including Microsoft, Cisco Meraki, Juniper Networks,
Alcatel Lucent, Blue Coat, Check Point, D-Link, Clearswift, Netgear, ZyXel, General
Dynamics, BAe Systems and more — it’s no surprise that we have a big profile within
enterprise level organizations.

It’s also worth noting that the latest version of Kaspersky Endpoint Security for For enterprise-level customers, Kaspersky Lab’s simple formula…
Business includes additional functions that are particularly suited to enterprise-
level customers, including: Best Security Intelligence + Best Security Technologies = Best Protection
• Support for access / sign-in via smartcards and tokens — including the two-factor … provides a compelling argument for choosing Kaspersky Endpoint Security for
authentication mechanisms that enterprises demand for functions such as Business — Advanced.
encryption
• Role-based access control — based on user profile — for hierarchical access
that takes account of different administrators’ roles and lets different groups or
departments manage functions as they require
• Support for a wider range of platforms — including Microsoft Surface devices and
UEFI & GPT disks
• Optimized code — for a smaller ‘footprint’, more efficient use of computing
resources & improved productivity… plus a 30% reduction in network load during
distribution
• Integration with SIEM (security information and event management) products —
including HP ArcSight and IBM QRadar
• Support for Samsung KNOX 2.0

Mid-size businesses Small businesses

Ambitious, mid-size businesses often set their sights on becoming tomorrow’s Small businesses can be subject to the same security risks that large enterprises
large enterprises. So, the last thing they need is a security solution that can’t grow have to deal with. However, whereas large companies are likely to have significant IT
with them. support resources, small businesses often have very limited in-house IT expertise.
Some may even use external contractors to manage their IT environments.
Having to rip out and replace an inflexible solution can be disruptive and expensive.
However, while the company is still mid-size, many enterprise-level solutions can be
overly complex to run… so it can be difficult to select a security solution that’s suited Here are three reasons why Kaspersky Endpoint Security for
to mid-size business — but is capable of scaling as the business grows. Business is ideal for small businesses:
In fact, it’s only difficult… until the customer finds Kaspersky Endpoint Security for • It’s easy to install, configure and set up — with a short ‘learning curve’ — yet it
Business! offers world-class security
• It gives small business ready access to some enterprise-class systems
Here are three reasons why Kaspersky Endpoint Security for management tools — that help boost efficiency
Business is ideal for mid-size businesses: • It’s easy to manage — both for security management and systems management
functions
• Its wide range of protection technologies deliver multi-layered security — so
the business is protected against all types of malware and Internet threats —
while the product’s systems management capabilities help to drive efficiency
improvements
• The flexible reporting functionality gives administrators improved visibility of
security and management issues
• It’s designed for ease of use and manageability — yet it can also scale to cover
increasing demands… so there’s no need to ‘rip out and replace’ — and that
eliminates disruption, reduces capital costs and avoids the need for retraining
administrators

Additional information
Eugene Kaspersky’s blog Securelist & Threatpost

Don’t forget this is a great resource for keeping you updated on security trends and Similarly, these two websites are an invaluable source of information… both for you
new thinking. It’s also very worthwhile suggesting your customers to subscribe to and your customers:
the blog — it provides them with valuable information and helps to ‘cement’ their
relationship with Kaspersky Lab. • Securelist — is the online headquarters of Kaspersky Lab security experts… and
it provides the latest information about viruses, hackers and spam;
Go to Eugene’s blog
• Threatpost — an independent news site that provides information about IT and
business security to hundreds of thousands of IT and security professionals.

Glossary Anti-Spam
Filtering out spam – a never-ending stream of unsolicited email advertisements –
has become an absolute necessity for any company using electronic mail ; spam
Agentless Protection consumes disk space and bandwidth, slows down working processes and, in
amongst the generally harmless rubbish, can carry with it lethal threats in the form
Thanks to VMware VShield technology, it is possible to provide anti-malware of phishing emails. And there should no mis-identifications – or precious business
protection for a number of virtual machines (VMs) running under a hypervisor correspondence could be lost, along with potential business opportunities.
without the need to install a software agent on each VM. Instead, a single That’s why Kaspersky Lab’s anti-spam system employs layers of sophisticated
dedicated “Virtual Security Appliance” serves all the machines. While offering technologies – such as Urgent Detection System 2, Enforced Anti-Spam Updates,
multiple benefits, such as “instant” protection for emerging VMs and “update/ Content Reputation — reducing the number of mis-identifications or ‘false positives’
scanning storms” immunity, this VMware-introduced approach does have significant practically to zero.
drawbacks including the lack of access to processes in the VM’s memory. Still, it
is a solution of choice for a number of applications, particularly in virtual server
environments. Application Control (technology)
This technology allows admins to monitor and control the installation and launch of
Anti-malware (technology) software applications. This proactive layer of protection is also useful for blocking
out executable malware, including malicious apps which are yet unknown to the
The core element of most known security solutions. It consists of many different developer. According to leading consulting agencies such as Gartner, contemporary
technological components united by a common goal: to fight malware. An effective Application Control solutions should be built and employed in conjunction with
contemporary anti-malware solution usually is able to work with both the file system dynamically updated Whitelisting, which contains data on existing legitimate,
and processes in memory, though there are certain cases and conditions when trusted and safe applications and their components — which is exactly the way it
certain functions may not be applicable. Nowadays, anti-malware is often found as is implemented in Kaspersky Lab’s products. Many IT risk mitigation strategies
a part of comprehensive security solutions. include recommendations for using Application Control.
Anti-Phishing- Anti-phishing (technology) Automatic Exploit Prevention (AEP) (technology)

Constitutes countermeasures against phishing. Kaspersky Lab’s Anti-phishing This Kaspersky Lab technology protects systems against so-called exploits: specially
technology includes continuously updated database of phishing links that is crafted fragments of malicious program code that take advantage of vulnerabilities
accessible via Kaspersky Security Network and a heuristic engine that helps to in legitimate applications or system components to execute arbitrary code. Based
block the sites that are yet unknown to the public. There is also a system for domain on the principles of behavioral analysis, it’s capable of stopping even Zero-day
name validation that is especially useful against DNS spoofing attacks, which exploits that are yet unknown to the public. For several years in a row now, it has
checks if the domain name in the given link really leads to a legitimate page* been and continues to be the most effective technology on the market against
exploit, according to independent test results from studies such as those conducted
*The Domain Name Validation technology is currently included only in Kaspersky Fraud Prevention, but
will be included with new versions of Kaspersky Endpoint Security for Business and Kaspersky Security by MRG Effitas.
for Virtualization | Light Agent.

Centralized Management Web Control (technology)

With IT security becoming increasingly complex, the most naturally efficient Kaspersky Lab’s technology that makes it possible to limit the range of Internet
management strategy is the use of single console for the whole range of tasks. Any sites accessible to employees at the workplace, thereby lowering the chances of
truly centralized management system should, critically, be underpinned by a single infection, data loss, and lost work time. These limitations can be set based on exact
unifying concept; the difficulties of integrating newly acquired solution components addresses, keywords, or on a broader range of pre-defined content categories.
with disparate conceptual approaches are well known. Kaspersky Lab’s single
console solution perfectly demonstrates the advantages of a fundamentally unified
approach. File Level Encryption (FLE) (technology)
This is a type of encryption that allows individual files or folders to be encrypted.
Content-aware Data Loss Prevention (DLP) for Mail & Collaboration Kaspersky Lab’s implementation allows automatic encryption of an object that were
saved in certain folders, certain file types (MS Word files, for example), or created
Statistically, one of the most notorious ways in which confidential corporate using a specific application. Unless a user enters the right password, the data
information can become exposed is via electronic correspondence. That’s why remains unreadable gibberish.
governing this type of information flow is critical to corporate security. Kaspersky
Lab’s content-aware DLP employs a plethora of techniques to prevent information
from falling into the wrong hands. Updatable dictionaries, support for a number Full Disk Encryption (FDE) (technology)
of different Security Standards such as PCI DSS, configurable rules and flexible
A type of encryption that allows full storage drives to be encrypted. This is especially
Incident Response are just a fraction of its multiplicity of features. In essence,
useful when there is plenty of sensitive data and the risk of physical loss (theft) is
Kaspersky Endpoint Security for Business technologies, used in conjunction with
significant. Kaspersky Lab’s implementation of FDE makes it possible to encrypt
content-aware DLP, together form a truly comprehensive barrier for data leaks,
even hard drives that contain an operating system, while leaving it fully functional.
without putting undue strain on the endpoint.
Kaspersky Lab’s Pre-Boot Environment (loaded before the OS) prompts for
authorization — without it, the system won’t boot and the content of the drive would
Device Control (technology) be impossible to read.
This technology allows admins to apply restrictions to devices connected to

computers. The most common scenario for Device Control deployment suggests Hardware Registry
limitations for the use of external storage, such as USB flash drives or external hard
The hardware registry provides visibility of endpoint hardware configuration. It
drives, which areknown as some of the most common pathways for infection and
allows the tracking of unsolicited configuration changes, including any thefts of
critical data theft. The admin may specify a limited number of storage devices to
hardware components.
be used exclusively for work-related needs. Permitted devices can be configured to
have readonlyaccess mode. Often these devices are Encrypted.

License Management Mobile Security

This convenient tool gives the administrator an ongoing awareness of application With mobile endpoints becoming increasingly widespread, the need for Mobile
licenses covering software running on the IT network. It facilitates the renewal Security cannot be underestimated. Kaspersky Lab’s Mobile Security solution is rich
process for expiring licenses and helps identify license violations. Possible in functionality, featuring not only core Anti-Malware, but a whole range of protective
consequences of license violation can include loss of functionality and lawsuits, so technologies, including Anti-Theft, Application and Web Controls, Jailbreak/Rooting
this aspect should not be taken lightly. detection, forced Encryption and Containerization. Even more importantly, it’s tightly
integrated with Mobile Device Management and Mobile Application Management;
together, they form a truly comprehensive solution for maintaining an efficient and
Mobile Application Management secure mobile workforce.
This functionality greatly facilitates the process of deploying and managing mobile
applications for both company-provided and BYOD mobile devices. It helps maintain Patch Management (technology)
a convenient working environment on the device, without the ongoing time-and-
place complications usually associated with mobile workforce management. And, A tool that helps keeping your endpoints fully updated, thereby significantly
for corporate devices, it provides an extra security layer by blocking all unsolicited reducing the risk of successful exploit attacks. Kaspersky Lab’s patch management
apps — a possible source of instability and IT security incidents. systems provide a high level of automation for sysadmins, and can be used instead
of Microsoft’s WSUS or in conjunction with it. On the Patch Management market,
Kaspersky Lab’s solution is one of the leaders in terms of the number of managed
Mobile Device Management (MDM) (technology) patches and has earned 1st place in terms of the number of patched products
and vendors. The effectiveness of Kaspersky Lab’s Patch Management solution
A common unified system for monitoring, managing, and securing a company’s
has been proven in independent tests, such as the latest test conducted by AV-Test
mobile force. Kaspersky Lab’s MDM solution consists of client-side components
Institute.
(including Kaspersky Security for Mobile) and server-side components, which
support Microsoft Exchange ActiveSync, Apple MDM, and Samsung SAFE standards
for MDM. The solution’s admin console is integrated into the Kaspersky Security Protection with a Light Agent
Center’s user-friendly. It offers many highly useful functions including Anti-Theft,
Containerization, Remote Deployment, and Remote Wipe. These features are critical To compensate for the known drawbacks of Agentless protection in virtual
in the event of device loss/theft, or when an employee leaves company with his environments, Kaspersky Lab suggested installing a small ’Light Agent’ on each
personal device containing sensitive corporate data. virtual machine to be protected — while retaining all the benefits of a single
Virtual Security Appliance. This provides a drastic increase in effectiveness (the
anti-malware engine is now able to access processes in VM memory) as well as
enabling a range of additional proactive defenses such as Security Controls. The
only notable lost feature is so-called “instant” protection of emerging VMs. Still,
for some scenarios (such as using previously set up VM images with no need for
memory retention and with the Light Agent pre-installed) the problem is irrelevant.
And, what is even more important, efficient security for the other two most popular
virtualization systems — Microsoft Hyper-V and Citrix — becomes an option.

Software Management
A number of options within Kaspersky Security Center empower the system
administrator to track and manipulate software. The Inventory option allows the
tracking of installed software; invaluable when implementing Application Control
scenarios. Package Installation allows the creation and management of installation
packages — including Kaspersky Lab apps or sets of standalone packages. Image
Deployment facilitates the rollout of whole system images comprising all the apps
necessary for ongoing business processes; it speeds up new system installation
as well as allowing for rollback in the case of a software malfunction that’s beyond
immediate repair.
Vulnerability Assessment (technology)

This tool provides information about vulnerabilities known to exist in the OS and
popular applications, which is crucial to prevent exploits from achieving success. In
Kaspersky Endpoint Security for Business, vulnerability assessment it was designed
to be used in conjunction with Patch Management to tackle software vulnerabilities
timely and effectively.

Kaspersky Endpoint Security For Business Sales Training (All Modules) - PDF

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Kaspersky Endpoint Security For Business Sales Training (All Modules) - PDF

Uploaded by

Copyright:

Available Formats

HOW TO SELL MORE…

… KASPERSKY ENDPOINT SECURITY

Make sure you pass the test!

2 © 2015 Kaspersky Lab. All rights reserved

What’s most important to your

• Leading international organizations — including INTERPOL and Europol — have

3 © 2015 Kaspersky Lab. All rights reserved

Deal with the issues that affect them

4 © 2015 Kaspersky Lab. All rights reserved

• Ensuring all mission-critical processes can run… totally unimpeded

• Reduced productivity — as a result of disruption and delays affecting internal FINANCIAL

In addition, bad publicity about an extended period of downtime can significantly

5 © 2015 Kaspersky Lab. All rights reserved

Malware’s devastating impact on business continuity

So… malware-related downtime isn’t an option — for any size of business.

… but even anti-malware can damage business continuity

Poorly designed, inefficient anti-malware solutions can absorb significant computing

6 © 2015 Kaspersky Lab. All rights reserved

• Their own intellectual property

7 © 2015 Kaspersky Lab. All rights reserved

Increasing numbers of businesses are also extending mobile access to include

8 © 2015 Kaspersky Lab. All rights reserved

9 © 2015 Kaspersky Lab. All rights reserved

Reducing Operating Costs

Similarly, a well-designed systems management product can help to automate

10 © 2015 Kaspersky Lab. All rights reserved

How we help customers

11 © 2015 Kaspersky Lab. All rights reserved

12 © 2015 Kaspersky Lab. All rights reserved

That’s enough about the myth...

13 © 2015 Kaspersky Lab. All rights reserved

Kaspersky Lab offers integrated, multiple protection technologies that work

Blocking known threats

Further Kaspersky Lab protection against known threats includes:

• URL filtering — to protect against websites that contain malicious code

14 © 2015 Kaspersky Lab. All rights reserved

15 © 2015 Kaspersky Lab. All rights reserved

• Application Startup Control — makes it easy for administrators to grant, block or

Protecting against advanced threats

By contrast, Kaspersky Lab devotes significant research and development

16 © 2015 Kaspersky Lab. All rights reserved

17 © 2015 Kaspersky Lab. All rights reserved

Data encryption converts files into an unreadable form — so information cannot

18 © 2015 Kaspersky Lab. All rights reserved

How we protect data on mobile devices

How we protect data on laptops

We also provide a choice of encryption methods:

19 © 2015 Kaspersky Lab. All rights reserved

20 © 2015 Kaspersky Lab. All rights reserved

21 © 2015 Kaspersky Lab. All rights reserved

Monitoring and managing software licenses

Because Kaspersky Endpoint Security for Business automatically discovers all

Controlling who can access the corporate network

22 © 2015 Kaspersky Lab. All rights reserved

Reducing Operating Costs Remote troubleshooting and software deployment

In addition to functions that improve security — by assessing vulnerabilities,

23 © 2015 Kaspersky Lab. All rights reserved

Highly integrated… for easier management and lower costs

This is a key differentiator for Kaspersky Endpoint Security for Business.

A single management console… for every function

If different security functions are poorly integrated within a protection product,

24 © 2015 Kaspersky Lab. All rights reserved

It’s because we’re different…