Short memories or complacency? ask Ray Binnion, non-Executive
Chairman, Defend-IT Limited and James Colby, Vice President
Marketing, Insightix.

Every time a major data security breach comes to light or a
successful prosecution is brought against the perpetrators of
identity theft, the press deluges us with stories about
piggybacking, sniffing, evil twins and theories about shady
international crime organisations. But the stories about people
snooping on unsecured wireless networks are not new. In a
technological world where two years seems like a lifetime, exposés
about wardriving can be found from the beginning of the decade. If
we look back at the past few years, innovation by the IT security
industry, advancements in governmental and industry regulation and
the investment in enterprise security infrastructure have continued
unabated. But still, data security - or the lack of it - seems to
be headline news.

So what conclusions should we draw? Yes, after several years of
publicity, vast swathes of the business world still do not have
adequate security to protect their networks and confidential
information. However, the responsible majority of companies -
certainly those in the retail and financial sectors - now have
policies that secure their operations. The problem is often that
these policies can be too difficult to enforce, and the resulting
failures appear as these regular stories in the press. Although
wardriving and accessing corporate networks via unsecured wireless
access points have captured the public's imagination, this is just
part of the network security jigsaw puzzle. Insight into the
world's largest credit card data theft from the TJX group, owners
of TK Maxx, revealed that, although the initial security breach
took place via a secured wireless access point - albeit one with
outdated, hackable WEP technology - other factors and
vulnerabilities in the company were also exploited.

So the real story is the same old story: security breaches often
have a "human dimension" to them. Vulnerabilities stem from
ill-conceived security plans, a failure to adhere to security
policies or a lack of employee common sense, or a business can
simply fall prey to a good old-fashioned "inside job".

If one looks for security similes between the physical and
information technology worlds, a significant proportion of
vulnerabilities stem from poor employee judgment. Take the
executive who connected an unsecured wireless access point to the
LAN port in his office to improve his productivity. Would he have
acted differently had he appreciated that connecting his personal
WAP to the corporate network was like leaving the building unlocked
every night? The store manager who had her laptop containing
customer data stolen from her car would probably consider taking
the day's cash takings home with her an irresponsible act. Security
exposure often stems from the fact that people do not appreciate
that their acts result in risk exposure; they have a different
perspective about IT security compared to physical security.

So what can a business do to completely secure its operations?
Is it enough if best practices have been studied, policies
implemented and a multi-tiered set of security technologies
deployed? The realistic answer is "no". Humans - employees -
represent the weak chink in a business's armour. Unless there is
a fundamental and rapid change in perspectives about security (and
let's face it, this is unlikely), employees' behaviour will
continue as a critical source of vulnerabilities for the
foreseeable future.

So even with the best-laid defences in place, businesses still
need to be ready for the inevitable security breach or employee
actions that expose the operation to risk, whether those actions
are inadvertent or not. Fortunately, tools exist that help
organisations remain vigilant to changes in the network, tools that
can alert administrators to the presence of unauthorised devices
and even safeguard against the connection of rogue elements that
contravene security policies.

With the advantage of real-time network visibility solutions,
network security managers can react instantly to threats as they
occur. Security breaches caused by connecting an unapproved
wireless access point to the LAN can be identified and dealt with
before any wardriver has the chance to exploit it. Prior to the
availability of real-time visibility tools, network managers were
oblivious to the holes in their defences and the ramifications were
made clear to all by the world's media. Network visibility tools
are the IT world's equivalent of a team of security guards
constantly patrolling to ensure that all doors are securely
bolted.