Maintain your old Siemens Hipath system

Data Security; Are Your Company Assets Really Secure?

Is your data secure? Think again. Securing data is unlike any other corporate asset, and is likely the biggest challenge your company faces today. You may not see it, but almost all of your company's information is in digital form somewhere in the system. These assets are critical because they describe everything about you; your products, customers, strategies, finances, and your future. They might be in a database, protected by data-center security controls, but more often than not, these assets reside on desktops, laptops, home computers, and more importantly in email or on some form of mobile computing device. We have been counting on our firewall to provide protection, but it has been estimated that at least fifty percent of any given organization's information is in email, traveling through the insecure cyberspace of the Internet.

Digital Assets are Unique

Digital assets are unlike any other asset your company has. Their value exceeds just about any other asset your company owns. In their integral state they are worth everything to your company; however, with a few "tweaks" of the bits they are reduced to garbage. They fill volumes in your data center, yet can be stolen on a keychain or captured in the air. Unlike any other asset, they can be taken tonight, and you will still have them tomorrow. They are being created every day, yet they are almost impossible to dispose of, and you can erase them and they are still there. How can you be sure that your assets are really safe?

Understanding Physical Security Architectures

Physical assets have been secured for thousands of years, teaching us some important lessons. An effective security architecture uses three basic security control areas. Let's assume you want to create a secure home for your family; what would you do? Most of us started with the basics; doors, windows, locks, and perhaps a fence. Second, we rely on insurance, police protection, and we may have even purchased an attack dog or a personal firearm. Given these controls, you may have taken one more step to provide some type of alarm. Not trusting your ears to detect an intrusion, you might have installed door and window alarms, glass break sensors, or motion detection. You may have even joined the neighborhood watch program in your area. These are the controls everyone uses, and they are similar to the controls that have been used since the beginning of mankind.

Which is most important? Looking at the three categories of security controls used, the first consists of protective devices that keep people out; doors, windows, locks, and fences. Secondly, alarms notify us of a break-in. Finally we have a planned response control; the police, use of a firearm, or recovery through insurance. At first glance it may appear that the protective controls are the most important set of controls, but a closer look reveals that detection and response are actually more important. Consider your bank; every day the doors are open for business. This is true of just about every business, home, or transportation vehicle. Even the bank safe is generally open throughout the day. You can see it from the bank teller counter, but step over the line and you will find out how good their detection-response plan is.

Evaluating your Company's Approach

Now look at your digital assets; how are they protected? If you are like most organizations, your entire security strategy is built on protection controls. Almost every organization in America today has a firewall, but does not have the ability to detect and respond to unauthorized users. Here is a simple test; run a Spyware removal program on your system and see what comes up. In almost every case you will find software installed on your system that was not installed by an authorized user. In the past this has been an irritation; in the future, this will become the program that links uninvited guests to your data. Bruce Schneier, a well known security author and expert writes in his book, Secrets and Lies, "Most attacks and vulnerabilities are the result of bypassing prevention mechanisms". Threats are changing. The biggest threats likely to invade your systems will bypass traditional security measures. Phishing, spyware, remote access Trojans (RATS), and other malicious code attacks are not prevented by your firewall. Given this reality, a detection response strategy is essential.

It's time to review your security strategy. Start by asking three questions. First, which assets are critical to your business, where are they located, and who has access to them? Second, what threats exist? Determine who would want your data, how they might gain access, and where the possible weaknesses in your security architecture lie. Finally, how comfortable are you with your company's ability to detect and respond to unauthorized access. If someone wants access to your data, preventative measures alone won't stop them.

Begin planning a balanced security architecture. Start by adding detection controls to your prevention architecture. This does not mean simply adding intrusion prevention software (IPS), but rather creating a system to proactively monitor activity. Intruders make noise, just like in the physical world, and with proper event management, combined with zero-day defense technologies of IPS, network administrators can begin to understand what normal activity looks like and what anomalies might be signs of an attack. In a recent interview with Scott Paly, President and CEO of Global Data Guard, a Managed Services Security Provider (MSSP), Scott said, "Threats such as worms and new hacker techniques constantly morph, so the most viable model for optimum security is a blend of preventive and predictive controls based on analysis of network behavior over time". By balancing prevention, detection, and response, companies can defeat most of the latest hacker attempts.

David Stelzl, CISSP is the owner and founder of Stelzl Visionary Learning Concepts, Inc. providing keynotes, workshops, and professional coaching to technology resellers. David works with executive managers, sales people, and practice managers who are seeking to become market leaders in technology areas that include Information Security, Managed Services, Storage and Systems solutions, and Networking. Contact us at info@stelzl.us or visit http://www.stelzl.us to find out more.

In The News:

Undersea 'blasts' recorded at same time Russia-Germany gas pipelines damaged
Tue, 27 Sep 2022 09:39:00 +0100
Mysterious leaks in the Nord Stream gas pipe network began with "powerful subsea blasts" and may have resulted from an "act of sabotage".

Qatar 'conscripting civilians and summoning diplomats from abroad' to do World Cup security
Tue, 27 Sep 2022 11:31:00 +0100
Qatar has called up hundreds of civilians - and summoned back diplomats from overseas - for mandatory military service to operate security checkpoints at World Cup stadiums.

Eleven children among 17 killed in Russia school shooting as wounded to be taken to Moscow
Tue, 27 Sep 2022 13:15:00 +0100
More than a dozen children wounded in a school shooting in central Russia are being transferred to Moscow for further treatment.

Shakira to face trial over alleged £13m tax fraud
Tue, 27 Sep 2022 12:16:00 +0100
Shakira is set to go on trial for tax fraud after a Spanish judge approved proceedings against the pop megastar.

Lawyer facing charges in case linked to Kenya's president found dead
Tue, 27 Sep 2022 11:31:00 +0100
A lawyer facing charges at the International Criminal Court (ICC) in a previous case linked to Kenya's recently elected president has been found dead.



tikatoshop.it

Erfahrungen mit Pallhuber Wein
Agen Bola SBOBET Terpercaya

Travel in comfort and at your leisure with CT Airlink Limousine & Car Service for top quality private transportation and exceptional customer service. We operate Sedans, SUVs & Vans for CT Car Services to covering all Connecticut airports including Car Service from CT to Newark Airport , Mohegan Casino Uncasville CT, Foxwoods Casino Mashantucket CT, Manhattan Cruise Terminal NYC, Brooklyn Cruise Terminal NYC and Bayonne Cruise Terminal NJ. CT Airlink hire licensed and friendly chauffeurs who have in-depth knowledge of the Areas.

Are They Watching You Online?

When surfing the Internet you probably take your anonymity for... Read More

Internet/Network Security

Abstract Homogeneous symmetries and congestion control have garnered limited interest... Read More

Fishing for Fortunes. Scam!

Spelt phishing, but pronounced as above, this despicable act is... Read More

How Did This Happen to Me? Top 10 Ways to Get Spyware or Viruses on Your Computer

If you use the internet, you have probably been infected... Read More

How to Protect Your Child from the Internet

When the Internet first came about, it was realized it... Read More

What is Hacking? Are You a Hacker?

WHAT IS HACKING?Hacking, sometimes known as "computer crime" has only... Read More

The Saga of the Annoying Adware

When we think of adware, what comes to mind are... Read More

Criminals are Fishing For Your Identity

What is Phishing? In a typical Phishing attack, a criminal... Read More

Is The Internet Over Regulated

Today's Internet or World Wide Web is being over regulated.But,... Read More

Online Shopping: 10 Tips For Safe Online Shopping

Have you ever bought a product or service from the... Read More

Email Hoaxes, Urban Legends, Scams, Spams, And Other CyberJunk

The trash folder in my main inbox hit 4000 today.... Read More

Everything You Need To Know About Spyware and Malware

You are at your computer, checking out software on EBay.... Read More

Phishing: A Scary Way of Life

The Federal Bureau of Investigation has identified "phishing" as the... Read More

Phishing, Fraudulent, and Malicious Websites

Whether we like it or not, we are all living... Read More

New Mass Mailing Spamming Internet Trojan for the Windows Platform

May. 16th 2005 - MicroWorld has reported the discovery of... Read More

Be Aware of Phishing Scams!

If you use emails actively in your communication, you must... Read More

Is Adware - Spyware Putting Your Privacy at Risk

Do you sometimes notice your computer running slower. Is your... Read More

Identity Theft -- 10 Simple Ways to Protect Your Good Name!

Identity Theft is one of the most serious problems facing... Read More

DOS Attacks: Instigation and Mitigation

During the release of a new software product specialized to... Read More

Viruses and Worms: The Problems and Their Solutions

History and BackgroundThe virus was one of the first ever... Read More

3 Simple Steps to Stay Safe from Spyware

There are several basic concepts to keep in mind when... Read More

Blogs as Safe Haven for Cybercriminals?

To blog or not to blog? Well, why not? Lots... Read More

What is Spyware?

The most frustrating part of having Spyware on your computer... Read More

How To Prevent Spyware Attacking Your Computer

Spyware is software or hardware installed on a computer without... Read More

Top Spyware Removers Considerations

Only the top spyware removers are successful at detecting and... Read More