Though a data breach is one of the biggest fears facing IT security managers today, the frequency with which data thefts take place, including some relatively unsophisticated and easily preventable ones, demonstrates lapses in implementing multi-layered security measures.
Given the rapid technological advances in infiltration methods, it’s unrealistic to expect any organization to have a totally fail-safe barrier against cyber-attacks, but it’s crucial that they focus on securing the network using a robust combination of network knowledge, advanced detection tools and reactive measures.
One of the most glaring network security failures in the recent past is the Target data breach. As security blogger Brian Krebs reported, hackers infiltrated Target’s Point of Sale (POS) systems using a username and password filched from an HVAC systems company that had permission to access Target’s network. They then roamed the Target network freely for over two weeks without being detected and installed data-lifting malware on the retailer’s POS systems. The hackers succeeded in stealing information pertaining to around 40 million debit and credit cards.
Though the malware deployed to steal customers’ financial data was sophisticated, the theft could have been prevented if proper network security measures had been implemented. As reported by Jaikumar Vijayan in Computerworld, appropriate network segmentation, as recommended by the Payment Card Industry Data Security Standard, might have prevented the hackers from gaining access to cardholder payment information.
In today’s connected business environment, it’s often necessary to grant third-party business associates access to the company network. In such cases, sensitive data needs to be segregated from other segments of the network in a secured database so that outsiders are unable to gain access to such information. Securing third-party access using network segmentation and other third-party risk management practices is crucial to the protection of data and systems.
It is no longer prudent to rely solely on widely used prevention tools such as anti-virus software, firewalls and spam filters. IT security managers need to implement advanced network monitoring tools in order to be able to identify potential threats. There are tools available today that make it possible to identify unusual access as well as to know when and which data has been compromised.
We now have tools that enable network administrators to analyse all network traffic and trace the path of a packet from origin to destination. This can help detect unauthorized use of company systems. Vendors who offer network monitoring tools include Fluke Networks, Paessler, SolarWinds, GFI and Spiceworks.
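The segmentation and traffic-analysis points above can be combined into one check: compare observed flows against a default-deny zone policy and flag anything that reaches the cardholder segment without an explicit rule. This is an added example, not code from the article or from any vendor named in it; the zone names, address ranges, ports and flow records are all constructed assumptions.

```python
import ipaddress

# Constructed zone map (assumed addressing, not taken from the article).
ZONES = {
    "vendor": ipaddress.ip_network("10.50.0.0/16"),      # third-party access
    "corporate": ipaddress.ip_network("10.10.0.0/16"),
    "cardholder": ipaddress.ip_network("10.90.0.0/16"),  # POS and payment systems
}

# Default deny: only these (source zone, destination zone, port) paths are allowed.
ALLOWED = {
    ("vendor", "corporate", 443),       # assumed vendor billing portal
    ("corporate", "cardholder", 8443),  # assumed POS management interface
}

def zone_of(addr):
    """Map an IP address to its zone name, or 'unknown' if outside all zones."""
    ip = ipaddress.ip_address(addr)
    for name, net in ZONES.items():
        if ip in net:
            return name
    return "unknown"

def segmentation_violations(flows):
    """Return cross-zone flows that have no explicit allow rule."""
    findings = []
    for src, dst, port in flows:
        sz, dz = zone_of(src), zone_of(dst)
        if sz == dz and sz != "unknown":
            continue  # intra-zone traffic is out of scope for this check
        if (sz, dz, port) not in ALLOWED:
            severity = "high" if dz == "cardholder" else "medium"
            findings.append({"src": src, "dst": dst, "port": port,
                             "path": f"{sz}->{dz}", "severity": severity})
    return findings

# Constructed flow records: (source IP, destination IP, destination port).
SAMPLE_FLOWS = [
    ("10.50.3.7", "10.10.1.20", 443),    # vendor to billing portal: allowed
    ("10.50.3.7", "10.90.4.11", 445),    # vendor into cardholder zone
    ("10.10.2.5", "10.90.4.11", 8443),   # admin host to POS management: allowed
    ("10.10.2.5", "10.90.4.12", 22),     # corporate to POS on an unlisted port
    ("10.90.4.11", "10.90.4.12", 9100),  # intra-zone
    ("10.90.4.11", "203.0.113.9", 443),  # cardholder zone to an external address
]

if __name__ == "__main__":
    for finding in segmentation_violations(SAMPLE_FLOWS):
        print(finding)
```

Run against real flow exports, every "high" finding is either a missing firewall rule or a policy entry that needs a documented owner.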
Risk management includes a thorough systems audit in order to uncover vulnerabilities and address them immediately. If the Target network had been monitored for weak points, the attack might have been uncovered before the hackers were able to collect all that sensitive payment information.
As threats become more and more sophisticated, network security managers need to employ a combination of network awareness, detection tools and event response capabilities to secure their networks and customer data at every level.