Enterprise Security: A Moving Target
By Doug Saylors, director
As cyber-attackers employ more and more sophisticated tools and techniques to circumvent traditional security approaches, those tasked with maintaining enterprise security have an increasingly challenging job. Lest they forget the magnitude of that challenge, they were reminded just last week when Apple’s App Store suffered its worst security breach ever. Hundreds of apps, mostly in the Chinese App Store, had malicious code embedded in their software.
There is no shortage of stories about the havoc cyber-attackers and their exploits can wreak. Those able to hack company data like Social Security numbers and other personally identifiable information (PII) pose a serious threat to not only individuals whose identities are at risk, but to an enterprise’s efforts at creating customer loyalty. When attackers gain access to intellectual property or steal trade secrets that can feed the production of counterfeit goods, they also threaten to undermine an enterprise’s competitive stance.
In the never-ending battle against cyber criminals, enterprises should consider these Top 5 points:
- Implement a defense-in-depth security system. This multi-layered approach to security is the best strategy to protect data assets from unauthorized access or modification. Perimeter tools are no longer sufficient protection to keep attackers at bay. Enterprises need to build layers of security and collect extensive data analytics to adequately protect sensitive data.
- Be prepared for attacks that use new technologies and techniques. Recent examples of how hackers are imposing new kinds of threats to even well-defended organizations are not hard to find. By using malware, which embeds in firmware, attackers can render anti-virus software useless and then permanently infect or entirely disable specific devices.
- Carefully review your Bring-Your-Own-Device policy. As the recent Apple Store breach implies, attackers will use all means possible to gain entry into their targets, including modification of developer toolkits. Use of unrestricted employee devices allows attackers to gain further footholds and is a growing threat to the enterprise.
- Encrypt data end-to-end in systems. To prevent disclosure of sensitive data, enterprises must consider the whole picture. Transient data should be included. Data at rest is no longer sufficient. Key protection schemes are also critical. In addition to traditional encryption and limited access rights for keys, clients should ensure they understand where keys are stored in memory and protect against exfiltration through memory dump techniques.
- Keep a watchful eye on those around you. Even the best security technology on the market will not be able to protect you from malicious or careless employees. According to industry leaders at enterprises such as HP, IBM, Mandiant and numerous governmental agencies, insiders remain the most likely perpetrators of exfiltration of sensitive information. Breaches could occur maliciously or through compromised credentials leaked through the use of infected USB drives, Wi-Fi devices or phone chargers.
Security architecture with a strong foundation is essential to preventing breaches of sensitive data. As adversaries hone their skills, companies must continue to invest in new technologies and expert resources to limit their exposure. ISG helps enterprises create a plan for data security. Contact me to discuss further.
Discuss this Top 5