''Doorman'' Approach to Network Security Fails to Protect Enterprises From Costly Intrusions; Survey of Chief Security Officers Reveals Growing Need for Network Access Control; Intrusions Continue Despite Growing Security Budgets.MOUNTAIN VIEW, Calif. -- With network security in the spotlight due to recent data breaches, Vernier vernier (vûr`nēr), auxiliary scale, either straight or an arc of a circle, designed to slide along a fixed scale. Its unit divisions, usually smaller than those on the fixed scale, permit a far more precise reading. Networks recently surveyed top enterprise and government security executives about their approaches to network security and budget trends. More than 140 chief security officers (CSOs) and security executives responded to the survey during a recent nationwide seminar series conducted by Vernier Networks and Qualys. Survey findings highlight the need for tighter user access control and continued concern about security threats and patching, despite increased security budgets. The most surprising results found that 51 percent of chief security officers acknowledged relying on a "doorman" approach to internal network security, regulating network access by admitting users at the network edge. This approach gives users full, unmonitored access to the network and servers containing corporate data, customer information and other vital intellectual property, once they get past endpoint security, or the "doorman." 36 percent rely on a "VIP Entrance" approach to network access, which identifies users and "accompanies" them around the network to ensure they do not access unauthorized areas. 13 percent admit to a "revolving door" approach -- with users coming on and off the network as they please. The results revealed that relying solely on a "doorman" approach, which does not monitor behavior once a user has accessed the network, is not proving sufficient. 62 percent of CSOs acknowledged that their organizations faced intrusions from internal sources -- those who were granted access by the "doorman." "It has become clear that security around the network perimeter The boundary of a system or network, which defines the inside and outside. It is typically determined by firewalls and addresses. See DMZ. , while essential, is not sufficient to rid organizations from costly intrusions such as last week's attacks on credit card processing centers and commercial banks," said Simon Khalaf, president and CEO (1) (Chief Executive Officer) The highest individual in command of an organization. Typically the president of the company, the CEO reports to the Chairman of the Board. of Vernier Networks. "Our survey results indicate the immediate need to offer security within the fabric of the network and completely manage access to the network through pre-emptive pre·emp·tive or pre-emp·tive adj. 1. Of, relating to, or characteristic of preemption. 2. Having or granted by the right of preemption. 3. a. , proactive and reactive reactive /re·ac·tive/ (re-ak´tiv) characterized by reaction; readily responsive to a stimulus. re·ac·tive adj. 1. Tending to be responsive or to react to a stimulus. 2. security." 88 percent of CSOs felt that tighter user access rights would improve overall network security -- either restricting network access or even authorizing network access but applying reactive security measures Noun 1. security measures - measures taken as a precaution against theft or espionage or sabotage etc.; "military security has been stepped up since the recent uprising" security when intrusions occur. 52 percent of respondents In the context of marketing research, a representative sample drawn from a larger population of people from whom information is collected and used to develop or confirm marketing strategy. do not currently track new systems that enter the network. However, 62 percent plan on implementing a system process to track systems entering the network within the next year. This indicates that many CSOs recognize the correlation between not tracking devices admitted to the network and internal security breaches. A tremendous number of CSOs resisted the concept of quarantining "unpatched" devices until they are patched -- 64 percent of respondents quarantine quarantine (kwŏr`əntēn), isolation of persons, animals, places, and effects that carry or are suspected of harboring communicable disease. less than 10 percent of these unpatched devices despite professional security and network equipment vendors' advice to quarantine them. Only 13 percent of surveyed CSOs quarantine devices until they comply with corporate security policies. Other interesting findings include: Reacting to a breach -- Mixed approaches provide varying results When asked about approaches to addressing internal security threats, 57 percent of respondents felt their approach was akin to San Quentin San Quentin (săn kwĕn`tən), peninsula extending into San Francisco Bay, W Calif., N of San Francisco. The state prison there was begun in 1852. San Quentin is the western terminus of the Richmond–San Rafael Bridge. -- locking down sections of the network as soon as there is a disruption disruption /dis·rup·tion/ (dis-rup´shun) a morphologic defect resulting from the extrinsic breakdown of, or interference with, a developmental process. . 24 percent likened their approach to a hospital -- shutting down entire networks as soon as there is an outbreak. Only 13 percent said their approach to internal threats is like a personal bodyguard -- monitoring each individual on the network and quarantining and blocking immediately. The remaining 5 percent consider their approach to be much like a riot -- chaos with no clear direction when there are outbreaks. Patching vulnerable systems is still a chore 69 percent of security execs said that worms Worms (vôrms), city (1994 pop. 79,155), Rhineland-Palatinate, SW Germany, on the Rhine River. It is an industrial city and a leading wine trade center. , viruses and hackers are still their primary network security concern. The survey found that 49 percent patch externally facing servers within one week or less and 29 percent patch within two weeks. With respect to patching internal servers and desktops, 38 percent of security officers take one week or less, while 49 percent take between two weeks and a month to patch internal systems and desktops. Continued security intrusions drive bigger budgets In addition, survey results uncovered Uncovered may refer to:
The survey was conducted during a recent CSO (Chief Security Officer) The person in charge of all staff members who are responsible for promulgating, enforcing and administering security policies for all systems within an enterprise or division. Breakfast Seminar series sponsored by Qualys and Vernier Networks featuring Gartner, addressing best practice approaches to ensuring network integrity. The series discussed the tenants of enterprise security and looked at real-world implementations of network access control and vulnerability management. About Vernier Networks Vernier Networks offers the industry's only clientless network access management products that enable enterprises to assure business continuity. Deployed at the network edge, Vernier's award-winning EdgeWall security appliance Security appliances protect computer networks from unwanted data traffic, intruders, email spam, enforce policies, and may also be used to create and manage VPNs. There are a number of types of security appliances. defends against intrusions and attacks on the network by screening users and devices, restricting access, inspecting traffic for worms and viruses, and enforcing access policy. Headquartered in Mountain View, Calif., Vernier is a privately held company privately held company A firm whose shares are held within a relatively small circle of owners and are not traded publicly. and can be found on the Web at www.verniernetworks.com. (C) 2005 Vernier Networks, Inc. All rights reserved. Vernier Networks and the Vernier logo are trademarks of Vernier Networks, Inc. All other product names mentioned herein may be trademarks of their respective companies. |
|
||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion