Insider Security Threats Q&A
by Berislav Kucan - Wednesday, 12 October 2005.
Many current regulations now call for public notification of a data breach. And the stock market has reacted strongly to such notifications, which moves the risk of a data breach from a "local IT cleanup project", to something that will affect the overall value of the company.

This is no longer an IT issue, it's a business survival issue, as evidenced by the experience of CardSystems Solutions Inc who declared a data breach back in May of this year. After losing a number of its customers as a result of their lack of security, they are now in the process of being acquired by their rival CyberSource Corporation. For CardSystems Solutions Inc, this was literally a life and death issue.

All of which means a significant change in the traditional IT security strategies.

Up until now most IT security has been based on a "Moat and Castle" security strategy, or put simply; "Create a strong perimeter to separate the "trusted" environment (folks who belong to the organization), from the untrusted environment, (every one else), and secure against the untrusted environment."

The problem with this is that by definition insider attacks come from the inside... And so the security focus has to shift from the perimeter and beyond, to include securing inside the perimeter as well.

To do this, organizations start by identifying and establishing security policies specifically for inside the perimeter, including effective network segmentation that creates closed user groups, limiting what individuals are exposed or have access to.

Then you need to enhancing data security by protecting data-at-rest using authentication, and access control, as well as protecting data-in-motion with encryption - especially sensitive items like user names, passwords, and personal identity data.

All of which should be complemented by effective monitoring and reporting that covers the entire environment - especially those connection attempts that happen where they shouldn't.

This is not simple.

Most traditional security technologies were developed for the "Moat and Castle" strategy and as such, do not work very will inside the perimeter.

Help is on the way however. There is a new class of technology emerging that was designed specifically for this purpose, including those produced by Apani Networks, that can help simplify this onerous but necessary task.


More than a third of employees would sell company data

35 percent of employees would sell information on company patents, financial records and customer credit card details if the price was right. This illustrates the growing importance for organizations to deploy data loss prevention strategies.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Fri, Jul 31st