Data Security – Thinking Outside The Firewall
Ask anyone professionally involved with computers and the Internet and they will readily acknowledge the vital importance of data security. Security experts are also quick to point out that cyber attacks are increasing at an astonishing rate. Though somewhat self-serving, their observation is practically an understatement!. However, the biggest concern near future may not be the high number of attacks. But rather the sophistication of the intrusions and the growing points of entry that must defend. So, it is the time we took a closer look for ourselves at this moving target called Data Security.
Historically, amateur hackers and disgruntled company insiders have posed the biggest threats to computer networks. In fact, more than one-third of all corporate cybercrime is due to unauthorized access by insiders. From the outside, potent viruses like the Nimda worm and Code Red were merely the notorious products of pesky amateur programmers.
But things can change quickly, especially in the post-9/11 world of network security. Hosting industry is facing the specter of attacks from highly motivated expert programmers bent on cyber-terrorism. We just don’t know what new kinds of blended threats we may face. That’s disturbing when you understand that data security is a reactive technology – which means that threats have to become known before developers can defend against them. Unfortunately, this potential new wave of hackers comes at a time when the traditional firewall may soon become obsolete – no matter how good it is. With the proliferation of wireless networks and virtual private networks, intruders will be able to use these connections as well as Web protocols to gain access to sensitive data without the need to breach perimeter defenses such as a firewall.
Approach to start thinking outside the firewall
So what’s the answer? Well, developers have realized that it’s time to start thinking outside the firewall. One approach is the development of early-warning systems that use heuristic analysis, rather than known virus signatures, to detect abnormal behavior. Thus the ability to react to a previously unknown threat in real time.
A company called Entercept has a product that uses heuristic analysis to recognize abnormal network activity and immediately block server resources from the attack. It is quite a leap forward from merely generating a log and notifying system administrators hard pressed to react nearly fast enough to avoid serious harm.
Automatically Apply Secure patches
To deal with guarding multiple points of entry on today’s networks, Internet Security Systems has been developing their Real Secure platform to automatically apply software patches to both servers and clients whenever vulnerabilities identified. In theory, administrators would no longer have to apply patches manually but instead would rely on a self-healing platform that functions similarly to the human immune system in that it identifies threats and fights back in real time.
Block Crooked Insiders
Still, even these radical measures aren’t much defense against the determined insider attempting to steal company secrets or divert funds or stocks. One company, Savvydata, Inc., aggressively targeting this type of threat with a security program called RedAlert, specifically designed to block crooked or angry insiders from doing harm. RedAlert protects sensitive data from access, printed, emailed, copied or saved to a disk by an unauthorized employee on the network and provide a secure audit trail. It can also lock down data in unaccounted for laptops. Although it may not be able to block an executive with high-level access, it will generate an alert and leave a clear audit trail as a deterrent.
Conclusion – start thinking outside the firewall
With the rapid evolution of today’s hardware and software. It would be naïve to expect that today’s tried-and-true firewall solutions represent the endgame in network security. But rest assured that quantum leaps in applications of safety are rapidly becoming available to deal effectively with tomorrow's unknown threats hopefully. Always re-evaluate security measures and get better informed on new security tools available to protect sensitive data.