Real Protection Requires Innovative Thinking…


Photo courtesy of SANS

The current security model is flawed.  The majority of the risk mitigation is taking place at the endpoint with the idea that all business assets reside within a controlled, firewall protected environment.  If we could turn back the clock a decade, this point of view might be fairly accurate.  However, each day attacks become more advanced and we must advance our methods of protection.

By this time, we’ve all read the news reports of the NSA spying and their overreach.  The majority of attacks have been against Internet routers, switches and personal mobile devices. In fact, entire departments are dedicated to the task of cracking into your iPhone or Android-based device. It is also apparent that the Communications Security Establishment Canada (CSEC) has gotten into that action as well. Read more -> CSEC Spying

Whereas the focus of attacks used to be the core of a particular corporation, attackers have now moved on to more fruitful endeavors.  Such as the collection of personal, marketable data and corporate secrets and espionage, using data stored on mobile devices outside of the firewall.  Cyber Criminals want this data.  Your government wants this data.   This is where Information Security Specialists and Business Executives must adjust the focus and understanding of evolving business threats and actionable methods of response.

With PCI-DSS, GLBA, HIPPA, ISO and COBIT regulatory frameworks requiring efforts to protect the corporate core data, most MIS departments are performing regular audits of their firewall, wireless and system logs. Names such as Tripwire, Business Intelligence, AirDefense and Splunk have become secondhand in the technology landscape.  With all of this protection, most businesses are not properly controlling the mobile footprint.  We’ve not all realized the threat that these incredibly powerful mobile computers, with vast amounts of data storage in our pockets, that just happen to make phone calls, pose to our intellectual property.

Mobile phones are rarely updated,  rarely patched, are subject to very little corporate oversight, but carry massive amounts of proprietary information.  Emails from the CEO regarding a business acquisition, plans for credit card processing changes and…oh yes, that SSN number for the employee that is involved in the heated sexual harassment suit against your firm.  All downloadable by exploiting the most recent bootkit trojan or bluetooth vulnerability.

Getting the picture?  Pretty ugly, huh?

Rule-Based Firewalls, with thousands of workstations, protected by known-threat antivirus definitions simply isn’t good enough these days.  As an old admin told me quite recently, “I just use firewall chains, with deny statements to protect from threats.  I only allow ports that carry “safe” traffic” on my network.”.  Friend, there are no safe ports and no traffic can be explicitly trusted.  You can easily use that safe website “Google” to email personal data to outside, untrusted recipients.  Heck, they will even store it for you.  Indefinitely…

It is time to realize that data moves.  It moves across your trusted networks, out past the firewall and into the world.  Attacks are no longer targeted against your firewall, vpn tunnels or web server.  They are against your weakest link.  They are against your end user. We must think bigger and adjust our mechanisms of protection.

Are you securing the HumanOS?  If not, we are here to help.

Give us a call or drop a line in the contact form.  We will be right with you.

Comments are closed.