I love how this Cisco video clip on Blip TV starts with examples of DDOS attacks and then uses shots of incoming content filtering and then dramatizes with a cop not allowing a visitor into the booth - what is going on here? Cisco didn’t have budget for an editor who knows the difference between incoming and outbound traffic? (funny stuff around 1 minute 35 seconds)
I recently saw an article on Computerweekly that asks – “Is data loss prevention possible?”
I think that a more relevant question is “Is information protection possible?”
The author correctly identifies that it’s easier to access data (and leak it) than to modify or delete data. However, the notion that data is out of control in the corporate world is an over-reaction and does a mis-justice to most businesses.
Data is out of control in the corporate world…I think… the only way that we can have influence on the likelihood of (data loss) occuring is through a couple of fundamental controls, namely
1. Reduce and limit access to data
2. Control the “copyability” of data
Companies already manage access and control “copyability”. This is not new, nor is it effective against the threat of a major data loss event.
Organizations from SME and up to Global 2000 use Microsoft networks based on Active Directory with planned (not always well executed) group policies and permissions management. Controlling access and copyability in the service of business objectives is precisely the objective of these systems.
If you need finer-grained copy protection – there are dozens of endpoint security products – from Checkpoint, Mcafee and Symantec to Controlguard.
If you need finer-grained rights management, there are products like Microsoft DRM and Oracle IRM. Personally, I don’t think that DRM is effective for enterprise information protection. DRM changes the user experience and depends on user behavior, it can be broken and or bypassed and DRM systems are difficult to deploy on a large scale because of the above constraints.
However – permissions and rights access management and lately, removable device management have not prevented major data loss events like Heartland or Hannaford. The reason for this is that once rights are granted – the user is trusted and can move the data anywhere he or she wants.
We need information protection, not copy protection; and in a way and at a cost that is a good fit for the business.
Information protection is possible by taking a value-based approach that integrates with the business operation. Analyze your business requirements and threat scenarios – and only then – consider data loss prevention solutions like enterprise information protection from Verdasys, agent DLP from Mcafee or a gateway DLP solution from Fidelis Security.
Is a SME like the old German expression – Kleine Kinder kleine Sorgen, große Kinder große Sorgen? “Small children, small problems, big children, big problems”?
I wanted to call this post “The need to understand operational risk of information security” – but I realised that op risk is a concept used by big banks and that a SME with 40 employees is not even thinking in that direction and may not even have an IT manager, let alone an IT security and compliance group. Yet – a small payment processor, or customer service outsourcing provider can be destroyed by a single data loss event.
The impact of a data loss event on an SME can be proportionally much greater than for a large, globally dispersed organization. An SME has all their eggs in one basket – outsourcing manufacturing to the Far East and providing sales and support using the Internet from offices in New York, Tel Aviv and Mumbai.
A typical SME buys network access from the ISP and installs standard network security in the office: like a SOHO firewall (Checkpoint or Cisco do fine), anti-virus on the workstations and anti-spam from the ISP.
The problem with firewall/anti-virus/anti-spam is that they are defensive means against known signatures rather than proactive means of mitigating the next attack launched from inside the network.
Big time data theft event, this time by an employee leaving Intel to go to work for AMD. A Worcester, Mass. man has been charged with stealing trade secrets worth more than $1 billion.
Biswamohan Pani, 33, was indicted for allegedly stealing trade secrets from Intel’s Hudson, Mass. facility and downloading confidential documents from Intel offices in California.
According to the indictment, Pani gave notice to leave Intel and told his superiors he was using up about a week of vacation while looking for a job at a hedge fund.
In reality, according to the indictment, he had taken a job at Intel rival AMD and, while using up vacation time at Intel, was downloading documents marked by Intel as confidential. Without going into the entire discussion of Intel’s management of intellectual property, there are some interesting questions:
Why was an employee, who had announced he was leaving, and was running down vacation at home – even allowed to have access to Intel file servers?
How did Intel discover that confidential documents were being downloaded? Does Intel use data loss prevention technology? were they tipped off by another employee? or did the investigation start once Intel discovered that the employee was going to work for a competitor and then they started checking download logs?
Full article on the Sacremento Business Journal
Are test equipment sales a bellwether of the telecommunications and technology industry prospects?
I have been looking for macro indicators of what will happen in the telecommunications industry. We specialize in data security for telecommunications. Data security is a big issue for companies in flux – firing employees, turning more to outside contractors and merging operations. The question is whether or not data security is getting slashed out of 2009 budgets.
One macro indicator is sales forecasts of technology vendors to the telecom industry – Cisco, which is regarded as being very good at forecasting, predicts a sales drop of 10 percent in the next quarter. However – the supply chain doesn’t stop with telecom equipment and network security manufacturers like Cisco, Nortel. HP. Juniper, IBM, Alcatel and Nokia. These vendors need test equipment to test their products on telco and corporate networks.
Amid the telecom industry storm of warnings and worries, test equipment vendor Spirent Communications plc (NYSE: SPM – message board; London: SPT) believes it’s on-target for 2008 and a capable of maintaining a similar level of sales during 2009.
The crash of Lehman Brothers , in September 2008 caused widespread financial woes by companies of all shapes and sizes and also caused a blip for Spirent. But – Spirent sales bounced back in October. Telco equipment firms continue to spend in areas that are core to their strategies: wireless, carrier Ethernet, data center developments, and the automation of lab-based testing processes. “Customers are aiming for better utilization of their resources,” says the Sprient CEO.
Since customers need better utilization of their resources, that means that we need to show how our data security solutions will not only help protect telecom digital assets but also reduce the cost of ownership and do the job with less head-count.
I suppose I didn’t really need Spirent for that insight.
See the full article on Light Reading
I was talking with my friend Gennady Weizman yesterday about medium term (as in the next 6-18 months) impact of the current financial markets crisis on the tech market. Most of our business is in the telecom industry – so I have an interest in whether our clients will have money to spend.
it appears to me that there is a significant difference in the threat surface for telecom business today than 8 years ago when the dot.com bubble burst. Back in 2000, the telecom service providers and their technology suppliers were living off the bubble, overpriced products and services and an over-supply of fiber and network infrastructure. It took the the telecom industry 7 years to recover but today the industry is healthy with multiple growth drivers in VOD, IPTV, broadband, triple-play, VoIP, HDTV, 3G cellular, WiMax and mobile data.
Cisco is my personal indicator – if their orders (many from telecom service providers) drop then it’s a sign that the consumer credit crisis is trickling back up the supply chain to the equipment vendors.
Cisco shares declined in Nasdaq trading after John Chambers forecast the first revenue drop in five years because of the financial crisis. Sales may fall as much as 10 percent in the second quarter, which ends in January
The business took a hit with the credit crunch, driving October 2008 orders for Cisco products down 9 percent. Chambers said that his comfort level with the forecast was the lowest since the dot-com bubble burst in 2000. Cisco plans to save $1 billion in costs over the next three quarters by freezing hiring, business travel and relocation expenses.
Chambers is usually an optimistic fellow – so should we be worried?
Recent Comments