Put Up A Strong Defense

High-profile security threats such as the Sober worm and vulnerabilities in Microsoft software grab a lot of the attention, but most companies this year will be looking to control the biggest threats of all--the ones initiated within their own businesses.

Larry Greenemeier, Contributor

January 20, 2006

6 Min Read
InformationWeek logo in a gray background | InformationWeek

High-profile security threats such as the Sober worm and vulnerabilities in Microsoft software grab a lot of the attention, but most companies this year will be looking to control the biggest threats of all--the ones initiated within their own businesses.

Customized outbound data searches will be part of the Houston Texans' defensive strategy.Photo by Marin Media

The growing use of blogs, chat rooms, Internet postings, instant messages, and E-mail have increased the risk of proprietary information being leaked, knowingly or inadvertently, into the public domain or where it shouldn't be. Employee training, enforcement of security policies, and careful screening during hiring can reduce the threat, but emerging technologies also are playing an increasing role. Among the latest are software to monitor messages sent from mobile devices, technology that provides more comprehensive encryption of data, and real-time blocking and encryption of voice-over-IP messages.

In extreme cases, data-protection measures could thwart insiders, such as disgruntled employees or ex-employees, looking to post sensitive data on the Web from their employer's databases, as William Sutcliffe did after being fired in 2001 from telecommunications provider Global Crossing. Sutcliffe created a Web site containing personal information, including Social Security and phone numbers, home addresses, and birth dates, of as many as 8,000 Global Crossing employees and provided links to Web sites that described how to use this information to commit identity fraud. He was caught and sentenced to 46 months in prison.

Bad Choices

Most security breaches by insiders are unintentional. They come from employees who make ill-advised or uninformed choices regarding storage of their passwords, the Web sites they visit, and the E-mails they send. The Computing Technology Industry Association's annual survey on IT Security and the Workforce trends, to be published in March, indicates that nearly 80% of corporate security breaches are caused by computer-user error. One in four outbound E-mails poses a legal, financial, or regulatory risk to the sending company, according to a 2005 survey conducted by Forrester Research and messaging security software maker Proofpoint Inc. of 332 IT executives and managers. Companies expect insider risks to grow, and nearly half of survey respondents plan to deploy technology to monitor Web mail or instant messaging to combat these threats.

Among the challenges are the growing number of methods-- such as PDAs and smart phones-- for transmitting sensitive data out of a company. Security software maker Workshare Inc. plans to release a new version of its Protect software in February that monitors messages sent from mobile devices. The company also will partner with an encryption-technology company to deliver software that encrypts information sent outside business networks.

Rating The Risks

25%

of outbound E-mails contain content that poses a legal, financial, or regulatory risk

36%

of companies employ staff to read or analyze outbound E-mail

47%

70%

77%

Data: Forrester Research and Proofpoint survey of 332 IT executives and managers

The integration of encryption capabilities with content-monitoring software will help companies ensure that even when sensitive data gets out, no one else can access it. A more formal approach to encryption also will alleviate the need for security pros to resort to ad hoc approaches to encryption.

"Rogue encryption is a danger from insiders who develop their own encryption schemes for their companies to use," says Jim Pante, president and CEO of security software maker Tablus Inc. and a former law-enforcement officer. They end up making it difficult to decrypt messages, Pante says. Tablus expects by the end of February to make encryption available as part of its Content Sentinel software.

Security controls on all types of outbound information are particularly important when defending against inside breaches. Blocking and encrypting voice over IP in real time as it travels over the network is a new requirement, says Kurt Shedenhelm, president and CEO of Palisade Systems Inc., a provider of software for inspecting network communication. "The challenge is decoding the voice message in real time," he adds. "We're within nine months of being able to understand and decode VoIP protocol and messages." The ability to block VoIP content in real time is likely to take longer to develop, but it's coming.

Best Defense

Technologies that protect against insider threats help all kinds of businesses. As the Houston Texans football team prepares to make the first-round pick in April's NFL draft and searches for a new head coach, it has many reasons for guarding its communications. The Texans use Vericept Corp.'s content-management software to monitor network activity and Palisade's Packetsure software to block sensitive information from being leaked.

Texans IT director Nick Ignatiev knows a strong defense is his best offense, and he's looking downfield at new technologies. Ignatiev's team is tweaking Packetsure so that it can customize outbound data searches to look for intellectual property specific to the football organization, including text and diagrams that would indicate files containing the team's plays. "It's a project that's been on the list for a while but is now rising to the top," Ignatiev says, "thanks to the growing interest in network security."

Continue to the sidebar:
Mind-Reading Voice Analyzer On Tap

Read more about:

20062006
Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like


More Insights