Partner View
Protecting Information Beyond Perimeter Defenses
Bluetooth, WiFi, BlackBerrys, USB flash drives ... the IT landscape continues
to expand beyond traditional servers and desktops, and so should your
diligence to maintain security "out there."
- By Christine Ewing
- September 01, 2006
IT organizations are quickly discovering that standard perimeter security
defenses are no longer sufficient to protect their companies' systems
and information. Recurring events such as data theft and loss, compromised
customer records and security breaches make it apparent that security
lapses can be costly -- possibly even irrecoverable.
Research by Gartner Inc. indicates that "two-thirds of fresh and
critical business data is [kept] on employee workstations, not on servers."
Global consulting firm Capgemini states that rogue hotspots -- temporary
wireless access points that look genuine and are set up to steal crucial
security information -- "constitute one of the most serious and
most likely vehicles for wireless security breaches."
Clearly, IT organizations are struggling to secure their systems and
data while maintaining employee productivity. With mobile clients, USB
and Bluetooth devices and wireless capability playing into the mix, standard
perimeter defenses are no longer enough to protect business systems and
information assets. IT organizations serious about maintaining secure
environments must also focus on the following issues:
- People and processes: IT must combine its desire for "system
  lockdown" with end-user requirements for control and productivity.
  End users often unknowingly introduce security risks simply
  by using their own unapproved productivity tools.
- Regulations: More than 25 new governmental regulations requiring
  corporate compliance have been enacted since 1998. The threat of fines
  and lawsuits for noncompliance makes IT security issues even more imperative
  for today's businesses.
- Data security: Malicious and targeted attacks are becoming more
  prevalent. The threat from USB devices alone is likely to reach epidemic
  proportions as the number of such devices in use rises.
What can companies do? Let's consider the problems and potential resolutions
for the most prevalent threats.
- Removable storage: These devices are an easy avenue for data loss
  and for malicious code to appear on corporate systems. Companies need to protect
  data from unwanted transfer to easily lost or stolen media. IT organizations
  should define acceptable devices for the environment and implement additional
  controls based on identifying elements such as serial numbers. With these
  controls, companies can specify "read-write" or "read-only"
  status, or completely disable access based on the type of device.
- Connectivity and Wi-Fi: Organizations should stop the use of unauthorized
  wireless gear and impose minimum security standards for all users. An
  effective solution would enforce the use of the company's VPN at home,
  at the airport or from any non-office location.
- Security application integrity: Companies need to prevent users from
  turning off or tweaking critical security software. IT organizations should
  have the ability to centrally verify all users' anti-virus, software-patch
  and security-update compliance and be able to enforce the policy, regardless
  of location.
- Rogue applications: An end-point control solution should be adopted
  to prevent malicious code from executing on a system. The solution must
  ensure that users can't circumvent controls by renaming a file or by editing
  the registry.
- Advanced endpoint firewall: Firewall settings should be centrally
  controlled and should automatically adjust to user location. The firewall
  policy should also minimize unauthorized connections, protocol attacks
  and port scans.
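
The removable-storage control described above, as an added Python example (not code from the article or from any product): it decides read-write, read-only or deny from a device's type and serial number. The rule fields, the precedence order (serial beats model, ties go to the stricter setting, no match means deny) and all IDs and serials are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from enum import IntEnum
from typing import Optional

class Access(IntEnum):              # ordered from most to least restrictive
    DENY = 0
    READ_ONLY = 1
    READ_WRITE = 2

@dataclass(frozen=True)
class Rule:
    device_type: str                # e.g. "usb-storage", "bluetooth"
    access: Access
    vendor_id: Optional[str] = None     # None means "any"
    product_id: Optional[str] = None
    serial: Optional[str] = None

    def matches(self, dev: dict) -> bool:
        if self.device_type != dev.get("type"):
            return False
        for field in ("vendor_id", "product_id", "serial"):
            want = getattr(self, field)
            # A device that reports no serial can never satisfy a serial rule.
            if want is not None and want.lower() != str(dev.get(field) or "").lower():
                return False
        return True

    def weight(self) -> int:
        # A serial match outranks any model-level rule.
        return (4 * (self.serial is not None) + 2 * (self.product_id is not None)
                + (self.vendor_id is not None))

def decide(rules, dev: dict) -> Access:
    """Most specific matching rule wins; ties go to the stricter access; no match is DENY."""
    hits = [r for r in rules if r.matches(dev)]
    if not hits:
        return Access.DENY
    return max(hits, key=lambda r: (r.weight(), -r.access)).access

# Constructed sample policy; vendor/product IDs and serials are made up.
POLICY = [
    Rule("usb-storage", Access.READ_ONLY),                       # default for USB storage
    Rule("usb-storage", Access.READ_WRITE, "1234", "abcd", "EXAMPLE0001"),  # issued drive
    Rule("usb-storage", Access.DENY, "1234", "abcd", "EXAMPLE0002"),        # reported lost
    Rule("bluetooth", Access.DENY),                              # whole device class disabled
]
```

Serial numbers are reported by the device itself and some devices report none, so a serial match is an inventory control rather than proof of identity; the example sends serial-less devices to the type-level default.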
Any successful approach to protecting systems and information must strike
the right balance between security and productivity both for end users
and for the IT organization. Fortunately, that's possible today, thanks
to existing endpoint control solutions that can be integrated with established
systems management solutions.
About the Author
Christine Ewing is security market segment manager for Altiris Inc., a Gold Certified Partner and provider of service-oriented management solutions based in Lindon, Utah.