Security challenges
- Article 1 of 3
- Enterprise Security, June 2004
As IT has become more and more important to the modern business, so security has become a business issue.
Blurred boundaries
Indeed, keeping up with the thousands of IT security threat alerts, most of which are probably irrelevant, is one of the biggest sources of information overload, and often, relevant alerts get lost among the 'noise' of benign alerts. Services such as Computer Associates' eTrust Threat Information Center monitor vulnerabilities in technologies, operating systems and applications and can automatically deliver security notifications to organisations.
The service can be set up so that only those threats that are important to the organisation are delivered, enabling appropriate action to be taken in a timely manner.
One of the reasons for the increasing number of security risks is that network boundaries have become so blurred. Technologies that on the one hand promise to increase corporate productivity and flexibility can, on the other, introduce new vulnerabilities.
For example, secure connection protocols, such as SSL and IPSec, enable organisations to use the Internet to exchange information with employees in remote locations, branch offices, customers, suppliers and partners.
But such applications reduce the effectiveness of firewalls. For example, attackers can enter the corporate network undetected over a trusted, secure virtual private network (VPN) connection from an employee's compromised home PC.
That is how software giant Microsoft was broken into in 2000: the machine of a developer working from home was infected with the QAZ Trojan horse and outsiders used that to surreptitiously access Microsoft's systems.
Strategic decisions
As a result, a simple perimeter strategy has long been redundant. Organisations need defence throughout their network, with security services layered throughout a compartmentalised network if they are to prevent an attack being propagated across the enterprise.
For these organisations, security must be deep and pervasive, reinforcing the perimeter with layers of firewalls internally and intrusion detection and prevention systems (IDPSs) to plug back-door security holes and detect and eliminate attacks. Security should also be compartmentalised in order to isolate important assets and contain attacks to limit damage.
In a layered security strategy, firewalls and IDPSs are placed throughout the network - around the perimeter, in front of application servers, in front of network segments, and between application tiers - with security policies becoming increasingly stringent towards the centre of the network.
In a compartmentalised strategy, network segments and assets are sectioned off into individually secured compartments.
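The difference between a perimeter-only design and a layered, compartmentalised one can be made concrete with a small reachability model. The following is an added example, not part of the original article; the zone names and allowed flows are constructed for illustration. It measures what a compromised VPN endpoint can reach directly, and how many separately enforced flows lie between it and the database tier, under each policy.

```python
from collections import deque

# Constructed zones (assumption, not from the article).
INTERNAL = ["vpn", "dmz_web", "app_tier", "db_tier", "user_lan"]

# Perimeter-only: one firewall at the edge. Anything terminated inside it,
# including a VPN session, may talk to every other internal zone.
PERIMETER_ONLY = {("internet", "dmz_web")} | {
    (a, b) for a in INTERNAL for b in INTERNAL if a != b
}

# Layered and compartmentalised: default deny between zones, with rules
# tightening towards the centre. Only the listed (source, dest) flows pass.
LAYERED = {
    ("internet", "dmz_web"),
    ("vpn", "dmz_web"),       # remote staff reach only the web front end
    ("user_lan", "dmz_web"),
    ("dmz_web", "app_tier"),  # firewall between application tiers
    ("app_tier", "db_tier"),  # strictest rule sits in front of the data
}

def direct_exposure(policy, src):
    """Zones a host in `src` may connect to without pivoting through another zone."""
    return {dst for (s, dst) in policy if s == src}

def hops_to(policy, src, dst):
    """Fewest permitted flows from src to dst (BFS). Each hop is a firewall/IDPS
    enforcement point the traffic must cross. None means dst is contained."""
    seen, queue = {src}, deque([(src, 0)])
    while queue:
        zone, dist = queue.popleft()
        if zone == dst:
            return dist
        for nxt in direct_exposure(policy, zone):
            if nxt not in seen:
                seen.add(nxt)
                queue.append((nxt, dist + 1))
    return None

if __name__ == "__main__":
    for name, policy in (("perimeter-only", PERIMETER_ONLY), ("layered", LAYERED)):
        print(name)
        print("  directly exposed to vpn:", sorted(direct_exposure(policy, "vpn")))
        print("  hops vpn -> db_tier:   ", hops_to(policy, "vpn", "db_tier"))
        print("  hops vpn -> user_lan:  ", hops_to(policy, "vpn", "user_lan"))
```

In the layered policy the database tier is still reachable in principle, but only by crossing three inspected boundaries, while the user LAN is not reachable from the VPN zone at all.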
