Defending the network.The World Wide Web is lauded for its ability to deliver instant communications and connectivity. However, the web's speed and convenience brings with it the threat of both targeted and indiscriminate malicious attacks. The DTI Diffusion tensor imaging (DTI) A refinement of magnetic resonance imaging that allows the doctor to measure the flow of water and track the pathways of white matter in the brain. Information Security Breaches Survey 2004 (ISBS ISBS International Society of Biomechanics in Sports ISBS International Society for Biophysics and Imaging of the Skin ISBS Illinois State Button Society ISBS Iowa State Button Society ISBS Idaho State Button Society ) is the UK's leading source of information on security incidents suffered by businesses, both large and small. One of the most surprising statistics to emerge from this year's DTI survey is that 7% of UK organisations are yet to implement any form of anti-virus software anti-virus software n → Antivirensoftware f . Almost equally disconcerting dis·con·cert tr.v. dis·con·cert·ed, dis·con·cert·ing, dis·con·certs 1. To upset the self-possession of; ruffle. See Synonyms at embarrass. 2. is the fact that 41% of businesses do not immediately update their ant-virus software when a new virus signature is identified. ISBS illuminates the ever-present danger of viruses, unauthorised access, systems missuse, fraud and theft. With 90% of UK computer users frequently sending emails and browsing the web as a normal part of their working day, this increased connectivity to 'the outside world' is also attracting a deluge of unsolicited email or spam that is undermining the efficiencies of electronic communication. Two-thirds of large companies with sophisticated IT security systems admitted that their defences were breached by an email-borne virus at least once in the last year. The average UK business experiences at least one 'security incident' per month, and for larger companies, the figure is closer to one incident per week. Perhaps, for the 7% with their heads still buried in the sand, ignorance is bliss as most have no idea how susceptible they are, and how many attacks they fall victim to--until they consider the monetary cost. For a medium-sized business, the average cost of each security incident is 10,000 [pounds sterling], which is mainly attributed to systems downtime and lost productivity. However, the figure escalates with the size of the organisation, with larger firms reporting an average cost of around 20,000 [pounds sterling] per incident. As central and local government organisations upgrade IT infrastructure to improve interdepartmental in·ter·de·part·men·tal adj. Involving or representing different departments, as of a business, an academic institution, or a government: "the petty interdepartmental squabbling that surrounds the making of . . . collaboration and government-to-customer communication, the risk of exposure to viruses and malicious attack grows. A few years ago, there were very clear lines of distinction between the private and public domain. Generally, organisations would post a website populated pop·u·late tr.v. pop·u·lat·ed, pop·u·lat·ing, pop·u·lates 1. To supply with inhabitants, as by colonization; people. 2. with innocuous content as a two-dimensional electronic facade to the outside world. However, electronic 'brochureware' is being replaced by sophisticated, interactive websites that deliver a more personalised online experience to visitors. The technology is available to deliver single login access to various business-to-consumer and government services. It can also enable remote, wireless access to server-based data. In addition to providing more convenient ways for customers to communicate with organisations, the new gateways are particularly useful for staff seeking more flexible working arrangements, such as being able to work from home. It also enables public and private sector organisations to introduce mobile computing Using a computing device while in transit. Mobile computing implies wireless transmission, but wireless transmission does not necessarily imply mobile computing. Fixed wireless applications use satellites, radio systems and lasers to transmit between permanent objects such as buildings by putting PDAs in the hands of field service staff. Extending and blurring the boundaries of computing brings new security challenges. Many organisations 'security is like a soft-boiled egg. The firewall provides a shell, which is supposed to protect all internal networks and data. However, once the defence is cracked, the intruder An attacker that gains, or tries to gain, unauthorized access to a system. See attacker, intrusion and IDS. is free to access the soft, GUI (Graphical User Interface) A graphics-based user interface that incorporates movable windows, icons and a mouse. The ability to resize application windows and change style and size of fonts are the significant advantages of a GUI vs. a character-based interface. centre of the organisation's data repositories. ISBS reveals that three-quarters of in-house websites have a firewall, but half of these sites rely on the firewall as the sole defence. What can be done? Organisations need to move from the soft-boiled egg defence to a multi-layered strategy, which provides different levels of access to employees and customers depending on their security clearance. Once a multi-layer defence is in place, there are three steps to maintaining an effective security strategy: 1. Scan for vulnerabilities One of the greatest challenges in any distributed computing environment See DCE. Distributed Computing Environment - (DCE) An architecture consisting of standard programming interfaces, conventions and server functionalities (e.g. naming, distributed file system, remote procedure call) for distributing applications transparently across networks is in policing the network. How do you know if staff are downloading unapproved un·ap·proved adj. Not approved or sanctioned: an unapproved vaccine; an unapproved protest march. software? Are they opening mysterious attachments on emails? Is there a hole in the security defence that could admit a potentially devastating dev·as·tate tr.v. dev·as·tat·ed, dev·as·tat·ing, dev·as·tates 1. To lay waste; destroy. 2. To overwhelm; confound; stun: was devastated by the rude remark. virus? A good anti-virus software incorporates special 'agents', which reside on every server, PC, laptop and PDA (Personal Digital Assistant) A handheld computer for managing contacts, appointments and tasks. It typically includes a name and address database, calendar, to-do list and note taker, which are the functions in a personal information manager (see PIM). on the network. These agents continually scan the host device looking for Looking for In the context of general equities, this describing a buy interest in which a dealer is asked to offer stock, often involving a capital commitment. Antithesis of in touch with. anomalies that could cause security breaches. The agents report all potential vulnerabilities back to a centralised interface. This allows the CIO CIO: see American Federation of Labor and Congress of Industrial Organizations. (Chief Information Officer) The executive officer in charge of information processing in an organization. or IT manager to conduct real-time, 'at a glance' risk assessment and implement corrective and preventative measures. 2. Prioritise remediation New viruses sweep the world within hours of release. Systems administrators must therefore rare to install the latest anti-virus updates before infection occurs. However, one-third of ISBS respondents admitted that it takes them 48 to 72 hours to remedy security vulnerabilities. Response time ran be dramatically reduced by taking strategic counsel from a security specialist. Such companies can devise highly sophisticated defences to deal with 'blended threats', which possess characteristics of worms, Trojans and unique hacking techniques that would otherwise slip beneath the radar of most standard anti-virus software. 3. Patch the holes It's not unusual for organisations to have thousands of computers at hundreds of different sites. As an alternative to dispatching an army of IT foot soldiers into the field at the first hint of a new virus threat--which can take days or even weeks--the best solutions incorporate software delivery agents, which automatically transport and install anti-virus patches to all PCs across the network. Security management needs to be fast and nimble. It also needs to have its own safeguards in place to report back if any patches have not successfully installed. After all, any IT security defence is only as strong as its weakest link. Minimising the impact of spam According to according to prep. 1. As stated or indicated by; on the authority of: according to historians. 2. In keeping with: according to instructions. 3. ISBS 2004, one-third of UK businesses cited unsolicited email or spam as a major issue. While not a security breach per se, spam is clearly disruptive and IT security staff and legislators alike are grappling how best to address the problem. There is little doubt that the volume of spam is increasing at an exponential rate. Spam currently comprises more than half of all incoming e-mail in 17% of OK businesses. One in ten now rate spam as a major business issue, causing significant time to be wasted. As a result, nearly one in four businesses (and nearly half of all large ones) filter incoming email. The impact of spam is multi-faceted. In addition to the time consuming inconvenience of wading through masses of spam to find legitimate email, spam is often used as the vehicle to transport and promulgate To officially announce, to publish, to make known to the public; to formally announce a statute or a decision by a court. viruses. Spammers are increasingly targeting poorly secured mail servers, and, using worms and viruses, turn them into relays that spread spam to other people. The DTI recommends the following course of action to limit the impact of spam: * Discourage staff from engaging in online activities that tend to attract unsolicited emails--Deploy and regularly update spam filtering tools * Discuss what steps can be taken by your ISP (1) See in-system programmable. (2) (Internet Service Provider) An organization that provides access to the Internet. Connection to the user is provided via dial-up, ISDN, cable, DSL and T1/T3 lines. to minimise the delivery of spam nearer its source It's interesting to note that one ISBS business respondent mentioned that a small number of the company's users receive the vast majority of spam. Despite the best intentions of the Data Protection Act, users who have published their email address See Internet address. on a website or in a newsgroup newsgroup Internet forum for discussion of specific subjects. Newsgroups are organized into subjects (e.g., automobiles); each typically has several subgroups (e.g., classic cars, Formula One racing cars). posting tend to be targeted most. Security management As targeted and indiscriminate attacks become more commonplace, IT managers are being forced to deploy both integrated and point-based solutions to secure every part of their computing environments. It follows that the proliferation of security solutions brings new infrastructure and software management challenges. In response to this demand, new software has been developed to centralise the management and provisioning of numerous IT security packages. This provides the IT team with a unified view of all PC users within the organisation and allows the team to set up new users and allocate, which applications employees can access. There is an IT adage that stipulates 'if you can't see a device or soft-ware application on the network, you can't manage it' and this is particularly true of IT security. |
|
||||||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion