Other

The Changing Network Perimeter

The new battleground is information leakage.
This story appears in the June 2007 issue of BizTech Magazine.

 


Jim Shanks, Executive Vice President and former CIO of CDW

Until recently, the primary focus of network security was to guard the perimeter and keep the bad stuff out. Businesses used firewalls to segregate the internal network from the external network and prevent unauthorized network traffic or potentially malicious content from penetrating the corporate network.

 

Antivirus, antispam and other technologies were deployed on e-mail gateways and other perimeter-facing servers to monitor and block potentially malicious content from entering the network. It was assumed, in many cases, that any data on the internal network was safe and that there was no need to monitor or block data on its way out.

But network security continues to evolve in some good and some not so good ways. For starters, technologies such as firewalls and antivirus applications offer an increasingly complex means to protect the perimeter. This is a good thing.

Unfortunately, as mobile computing and portable storage devices have taken off, the perimeter has disappeared and the line between inside and outside the network has been all but erased. The definition of the network is expanding, and the battlefront has also moved accordingly.

There are many ways that confidential or private data can leave a corporate network. Users may copy files to notebook PCs to take work home or copy data to portable storage devices, such as Universal Serial Bus flash drives, cell phones, digital cameras or MP3 players. Data can be intentionally or inadvertently sent out via e-mail, which makes it tough to protect against information leakage.

Ben Rothke, a New York City senior security consultant with International Network Services, calls it the “perfect storm” — curious people, ubiquitous high-speed Internet access and overall poor security on the servers storing that information. “When you put those three factors together, they combine to create the situation where confidential data can be quickly leaked and shared with an enormous amount of information. Once the data is shared in such a manner, it is effectively impossible to get it back in a secure state.”

As you battle information leakage in your organization, keep these five tips in mind:

1 Written policy on corporate data/removable storage. If the guideline defining what is or is not acceptable is not written down, employees cannot be expected to follow it. Your policy should specify what is expected from employees regarding the removal or transportation of internal corporate data, and should also define what is acceptable in terms of USB flash drives, MP3 players or other removable storage devices that users might connect to a computer.

2 Proper file/folder permissions. You should organize data into a meaningful directory structure, and design the file and folder permissions to limit access to sensitive or confidential information to authorized users or groups.

3 Encrypt confidential/sensitive data. Encrypt exceptionally sensitive or important data, preferably using a two-factor authentication that requires more than simply cracking a password to decrypt and view.

4 “Google hack” your company’s Web site. Many organizations are surprised to find out just how much confidential and sensitive information from their network is available online. Scan your company’s network or registered domain name and identify any accessible data before someone else does.

5 Consider implementing aninformation-leakage appliance. After you have developed policies and procedures to protect the data, and you have taken the necessary steps to secure sensitive data against unauthorized access, all that is left is to watch the network to detect and block any attempts — intentional or not — to e-mail or otherwise transmit confidential or sensitive data.

Jim Shanks is executive vice president of CDW, a $6.8 billion provider of technology products and services, based in Vernon Hills, Ill.
Sign up for our e-newsletter

Security

Heartbleed: What Should Your... |
One of the biggest security vulnerabilities has almost every user and every industry...
Why Businesses Need a Next-G... |
Devices investigate patterns that could indicate malicious activity.
Review: HP TippingPoint S105... |
Next-generation firewall can easily replace a stand-alone intrusion prevention system....

Storage

The New Backup Utility Proce... |
Just getting used to the Windows 8 workflow? Prepare for a change.
How to Perform Traditional W... |
With previous versions going unused, Microsoft radically reimagined the backup utility in...
5 Easy Ways to Build a Bette... |
While large enterprises have the resources of an entire IT department behind them, these...

Infrastructure Optimization

Businesses Must Step Careful... |
Slow and steady wins the race as businesses migrate IT operations to service providers,...
Why Cloud Security Is More E... |
Cloud protection services enable companies to keep up with security threats while...
Ensure Uptime Is in Your Dat... |
Power and cooling solutions support disaster recovery and create cost savings and...

Networking

Securing the Internet of Thi... |
As excitement around the connected-device future grows, technology vendors seek ways to...
How to Maximize WAN Bandwidt... |
Understand six common problems that plague wide area networks — and how to address them.
Linksys Makes a Comeback in... |
The networking vendor introduced several new Smart Switch products at Interop this week.

Mobile & Wireless

Now that Office for iPad Is... |
After waiting awhile for Microsoft’s productivity suite to arrive, professionals who use...
Visualization Can Help Busin... |
Companies need to put their data in formats that make it consumable anytime, anywhere.
Linksys Makes a Comeback in... |
The networking vendor introduced several new Smart Switch products at Interop this week.

Hardware & Software

Review: HP TippingPoint S105... |
Next-generation firewall can easily replace a stand-alone intrusion prevention system....
New Challenges in Software M... |
IT trends such as cloud, virtualization and BYOD pose serious hurdles for software...
Visualization Can Help Busin... |
Companies need to put their data in formats that make it consumable anytime, anywhere.