Author(s): Steve Vinsik, Posted 06/14/12
For CIOs around the world, cyber attacks have become the new normal. It’s rare to go a week or two without seeing front pages splashed with news of hackers trying to steal customer information or enterprise servers being infected with malware.
This never-ending battle to secure the network and intellectual property is inducing IT divisions into a constant state of action – strengthening firewalls, updating virus protection programs, encrypting data, physical division of user networks, and more. But traditional security mechanisms only address the threat of external attacks.
What if the threat comes from within the organization?
The Insider Threat
According to a 2011 survey by the Ponemon Institute, 39% organizations reported “negligent insiders” as the root cause of data breaches. Results also show that malicious insider attacks can take more than 45 days on average to contain.
These are scary numbers given the fact that “negligent insiders” are often privileged users with access to sensitive information or systems who either knowingly or unknowingly compromise them. Furthermore, emerging trends like cloud computing and consumerization of IT are only making matters worse for IT staffers as none of the traditional security solutions account for insiders who can compromise IT systems from within the four walls.
Today, organizations are asking -
“In an environment where the traditional “hard exterior, soft interior” network security model has become outdated, how do I better secure my internal corporate applications from unauthorized access?”
Communities of Interest
The need of the hour is a network security infrastructure that enables sharing without risk of another group accessing data, applications, workstations, servers and virtual machines. Members belonging to one community of interest (CoI) should have zero visibility to anyone or any device not in the same CoI group.
The infrastructure should enable IT administrators to manage CoI members based on user credentials and defined access rights, integrated with the organization’s identity management system. This means a user can logon from any workstation and once authenticated, can access his and only his authorized applications and information.
The integration with the identity access management system must also provide seamless CoI membership control without changes to the network configuration (when a user’s role changes, only the identity management system needs updating).
The CoI approach to network security delivers defense-grade security by rendering enterprise data, users, and the data center invisible to the outside world. It is also cost effective as multiple CoIs can share the same physical network, enhancing an organization’s ability to rapidly respond to business changes.
It is time to eliminate the tradeoff between cost and risk, because tradeoffs are never good.
The statements posted on this blog are those of the writer alone, and do not necessarily reflect the views of Unisys.
To prevent spam and inappropriate or offensive content, please note that all comments are moderated. Thank you.