Data-Centric Security - Why, When and How.

IT security is engaged in a game of cat and mouse with hackers: as fast as it deploys security countermeasures, these rogue elements discover new avenues of attack. Traditional security has relied upon guarding the perimeter of a company's network.
By: SentryCom Ltd.
 
HAIFA, Israel - April 29, 2013 - PRLog -- Current state-of-the-art:
IT security professionals are engaged in a game of cat and mouse with hackers: as fast as they deploy security countermeasures, these rogue elements discover loopholes or entirely new avenues of attack. Traditional security methods have relied upon closely guarding the perimeter of a company's network. The continuously escalating and mutating threat environment has led many firms to layer security countermeasures one upon another: starting with firewalls, companies have added intrusion detection and prevention systems, malware filters, client-side firewalls, and encrypted network tunnels. A networked business can create a virtual fortress around its infrastructure, but it still must share information with mobile employees, external business partners, and remote customers. This fortress does not provide the business with an adequate level of security, and it does not stop hackers and cyber attackers from preying on sensitive data.
Cisco published a report summarizing the status of IT security worldwide and derived a quantitative index describing this status. According to this report, "Enterprise Networks are experiencing persistent infection. Consumer Systems are infected at levels capable of producing consistent and alarming levels of service abuse."
More IT complexity = More data-centric security:
Where does this lead? Howard Schmidt, an adviser to President Obama, predicts a perfect storm caused by a combination of several factors occurring simultaneously. One inevitable trend will cause the situation to worsen in the future: the increasing complexity of IT systems. The more complex our systems and networks become, the more points of vulnerability and security failure they contain: the number of security bugs goes up; increased modularity means more security flaws, because security often fails where two modules interact; and the more complex the system, the harder a security evaluation becomes, since the system is harder to understand and analyze. So we need to realize that in the future we cannot completely prevent penetration of computerized systems, and we must be prepared to cope with this situation. We must admit that we cannot really keep the bad guys out.
Dealing with the failure to keep the bad guys out:
If we cannot keep them out of our perimeter, we still must protect the data that is valuable and sensitive. This protection must be scalable and proportionate to data sensitivity: the more sensitive the data, the stronger the protection. It should be said here that data-centric security inevitably places some burden on data users, so it must be applied in proportion to data value. Most of the data we use today is insensitive and may be left as it is; what is sensitive and what is not is decided by the data owners. There are two main types of potentially sensitive data: transaction data and unstructured data. Sensitive transaction data is something that may be monetized immediately, so it must be protected in real time as well as in transit and in storage. Unstructured data cannot be monetized immediately, so it needs protection in transit and in storage only.
Another challenge of unstructured data is that it must support multiple distribution paths: from enterprise servers to laptops, to USB drives, through email, or on top of cloud storage.
Many businesses now realize that rather than continuing to add layers of infrastructure security, it’s more effective to protect critical data throughout its life cycle, regardless of where it resides or moves. This concept of protecting data rather than devices is known as data-centric security.
Data-centric security must protect data at rest (in storage) and in transit. Unstructured data that requires protection is encrypted before it is transferred or stored.
Paul Stamp of Forrester Research said: "In an evolving, more complex business and IT environment, organizations need to work toward a more data-centric approach to protecting the most sensitive information. Sensitive data needs to be encrypted as close to its point of creation as possible, and decrypted as close to its point of use as possible."
In practical applications the point of creation is one user's PC and the point of use is the same user's PC or another user's PC. Data is created and used in decrypted form only, by software residing on the users' PCs. Therefore, for security reasons, the decrypted copy must be manually destroyed after creation and/or use.
Any data-centric technology must include data rights management, real-time strong authentication and encryption.
Un-structured data protection:
Protection of unstructured data files needs to be independent of infrastructure and applicable across the board, from enterprise servers to laptops, USB drives, email and cloud storage. Any Software-as-a-Service solution for sensitive data file protection should be built on binding granular authorization (data rights management), strong authentication and cryptographic technology together, so that none of the three can be stripped from the protected file without the others noticing.
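One way to make the "binding" above concrete is to carry the rights header in the clear but authenticate it together with the encrypted content, so that editing the rights without the key breaks decryption. The following Go program is an added illustration of that idea and is not SentryCom's or Sentrycs's code; the Rights header layout, the names Protect/Open/Wipe, the fixed demo key and the sample text are all assumptions of this example. It uses AES-256-GCM from the Go standard library, with the JSON rights header as GCM additional data.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/json"
	"fmt"
	"io"
)

// Rights is this example's hypothetical data-rights header (not any product's
// format). It is stored in the clear so relays can route on it, but it is bound
// to the content as GCM additional data: editing it without the key breaks decryption.
type Rights struct {
	Owner      string   `json:"owner"`
	Recipients []string `json:"recipients"`
}

// Protected is the envelope written to disk, mail or cloud storage.
type Protected struct {
	Header, Nonce, Ciphertext []byte // header authenticated, content encrypted and tagged
}

func newAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key) // 16, 24 or 32-byte key
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Protect encrypts at the point of creation and binds the rights to the data.
func Protect(key []byte, rights Rights, plaintext []byte) (*Protected, error) {
	aead, err := newAEAD(key)
	if err != nil {
		return nil, err
	}
	header, err := json.Marshal(rights)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize()) // fresh random nonce per file
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	return &Protected{header, nonce, aead.Seal(nil, nonce, plaintext, header)}, nil
}

// Open authenticates header and content together before it trusts the header
// for authorization; checking rights first would let a forged header be believed.
func Open(key []byte, p *Protected, requester string) ([]byte, error) {
	aead, err := newAEAD(key)
	if err != nil {
		return nil, err
	}
	pt, err := aead.Open(nil, p.Nonce, p.Ciphertext, p.Header)
	if err != nil {
		return nil, fmt.Errorf("authentication failed: header or content tampered with")
	}
	var rights Rights
	if err := json.Unmarshal(p.Header, &rights); err != nil {
		Wipe(pt)
		return nil, err
	}
	allowed := requester == rights.Owner
	for _, r := range rights.Recipients {
		allowed = allowed || r == requester
	}
	if !allowed {
		Wipe(pt) // do not leave an unauthorized decryption in memory
		return nil, fmt.Errorf("%q is not authorized for this file", requester)
	}
	return pt, nil
}

// Wipe zeroes a plaintext buffer once it is no longer needed (the "decrypted data
// must be destroyed after use" point). It only covers memory the caller controls.
func Wipe(b []byte) {
	for i := range b {
		b[i] = 0
	}
}

// Demo: an authorized recipient, an unauthorized requester, and a forgery that
// edits the clear header to grant itself access without the key.
func Demo() (okOpen, unauthorizedDenied, forgeryDetected bool) {
	key := []byte("0123456789abcdef0123456789abcdef")              // constructed 32-byte demo key
	sample := []byte("constructed sample: Q3 acquisition terms") // constructed input
	p, err := Protect(key, Rights{Owner: "alice", Recipients: []string{"bob"}}, sample)
	if err != nil {
		panic(err)
	}
	pt, err := Open(key, p, "bob")
	okOpen = err == nil && string(pt) == string(sample)
	Wipe(pt)
	_, err = Open(key, p, "mallory")
	unauthorizedDenied = err != nil
	forged := *p // same nonce and ciphertext, rewritten rights
	forged.Header = []byte(`{"owner":"alice","recipients":["bob","mallory"]}`)
	_, err = Open(key, &forged, "mallory")
	forgeryDetected = err != nil
	return
}

func main() { fmt.Println(Demo()) } // true true true
```

The design point is the order of operations in Open: the rights are only read after the GCM tag over header and content has verified, so a relay, mail server or cloud store that can see and edit the header still cannot grant itself or anyone else access. In a real deployment the key would come from the authentication step rather than being a constant, and the per-file nonce must never repeat under the same key.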
Transaction data protection:
Gartner analysts published in December 2009 that all existing means of strong authentication are inadequate to protect transaction integrity, for the simple reason that Trojan horse malware resident on infected PCs circumvents them. Nearly 50% of PCs worldwide are infected with some sort of malware. The attack that exploits this is called Man-in-the-Browser (MitB): a Trojan that infects a web browser and can modify transaction content or insert additional transactions, all in a completely covert fashion, invisible to both the user and the host application. A MitB attack succeeds irrespective of whether security mechanisms such as SSL/PKI and/or two- or three-factor authentication are in place. Because the MitB Trojan works through the common extension facilities provided to enhance browser capabilities, it is virtually undetectable to virus scanning software. In an example exchange between user and host, the customer will always be shown, via confirmation screens, exactly the payment information keyed into the browser; the bank, however, will receive a transaction with materially altered instructions. Strong authentication tools simply create an increased level of misplaced confidence, on the part of both customer and bank, that the transaction is secure. This is why US regulators and the FBI recommend that all financial activities be performed only from dedicated computers; obviously this is a short-term solution. It has been demonstrated that out-of-band transaction confirmation, such as an SMS sent to a mobile phone, merely adds complexity to the process and is still vulnerable to targeted attack. A malware-resilient solution to the problem is needed.
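The paragraph above says that strong authentication does not protect transaction integrity against a Man-in-the-Browser. The Go simulation below, added here as an illustration and not taken from any bank, product or the original release, shows the mechanism: a one-time password that proves who is logged in still verifies after the browser-side trojan rewrites the amount and destination, while a code computed over the transaction fields themselves does not. The transaction layout, the HMAC-based codes, the mule account number and the shared secret are all constructed for the example. The transaction-bound code only helps if it is produced on something that shows the user what it is signing and that the browser cannot drive; the release notes that SMS confirmation has been defeated by targeted attack, and this example does not resolve that part.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"encoding/hex"
	"fmt"
	"strconv"
)

// Transaction holds the fields the bank acts on (layout is this example's own).
type Transaction struct {
	AmountCents int64
	DestIBAN    string
}

// canonical serializes a transaction so both sides MAC identical bytes.
func canonical(t Transaction) []byte {
	return []byte(strconv.FormatInt(t.AmountCents, 10) + "|" + t.DestIBAN)
}

// mac returns a short hex HMAC-SHA256 tag, truncated like a display code.
func mac(secret, msg []byte) string {
	m := hmac.New(sha256.New, secret)
	m.Write(msg)
	return hex.EncodeToString(m.Sum(nil))[:8]
}

// SessionOTP models "strong authentication": a one-time password bound to a
// counter. It proves who is logging in, not what they are sending.
func SessionOTP(secret []byte, counter uint64) string {
	var c [8]byte
	binary.BigEndian.PutUint64(c[:], counter)
	return mac(secret, c[:])
}

// TxCode models a confirmation code bound to the transaction contents. Assumed to
// be computed on a device that displays the amount and destination it is signing.
func TxCode(secret []byte, t Transaction) string {
	return mac(secret, canonical(t))
}

// MitB models the trojan: after the user confirmed the screen, it rewrites the
// submitted transaction and forwards the authentication artefact unchanged.
func MitB(t Transaction, artefact string) (Transaction, string) {
	return Transaction{AmountCents: t.AmountCents * 10, DestIBAN: "XX00MULE00000000"}, artefact
}

// BankAcceptsOTP checks only that the OTP is valid for the session.
func BankAcceptsOTP(secret []byte, counter uint64, otp string) bool {
	return hmac.Equal([]byte(otp), []byte(SessionOTP(secret, counter)))
}

// BankAcceptsTxCode recomputes the code over the transaction it actually received.
func BankAcceptsTxCode(secret []byte, received Transaction, code string) bool {
	return hmac.Equal([]byte(code), []byte(TxCode(secret, received)))
}

// Demo reports whether each scheme accepts the altered transaction, and whether
// the transaction-bound scheme still accepts the unaltered one.
func Demo() (otpAcceptsAltered, txCodeAcceptsAltered, txCodeAcceptsIntended bool) {
	secret := []byte("constructed shared secret for the demo")                   // constructed
	intended := Transaction{AmountCents: 1250, DestIBAN: "DE00LEGIT0000001"} // constructed

	// Scheme 1: session OTP. The user confirms `intended`; MitB swaps the payload.
	otp := SessionOTP(secret, 42)
	altered, fwdOTP := MitB(intended, otp)
	otpAcceptsAltered = altered != intended && BankAcceptsOTP(secret, 42, fwdOTP)

	// Scheme 2: the code covers what the user saw, so the bank recomputes it over
	// what it received and the mismatch exposes the rewrite.
	code := TxCode(secret, intended)
	altered2, fwdCode := MitB(intended, code)
	txCodeAcceptsAltered = BankAcceptsTxCode(secret, altered2, fwdCode)
	txCodeAcceptsIntended = BankAcceptsTxCode(secret, intended, code)
	return
}

func main() { fmt.Println(Demo()) } // true false true
```

Two practical notes: the comparison uses hmac.Equal rather than ==, so verification time does not leak how many code characters matched; and the bank must derive the expected code from the transaction it received, never from fields echoed back by the browser, or the binding is lost.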
Conclusion:
Please visit SentryCom website http://www.sentry-com.net for additional information.
You are welcome to request your Free Sentrycs Software-as-a-Service subscription .
End
Source:SentryCom Ltd.
Tags:Data-centric Security, Cyber Attacks, Id Fraud, Internet Security, It Security
Industry:Internet, Computers
Location:Haifa - Haifa - Israel
Subject:Reports