[ISN] Beating back biggest risk -- 'inside job'

From: mea culpa (jerichoat_private)
Date: Thu Jan 21 1999 - 12:02:25 PST

    Forwarded From: darek milewski <darekmat_private>
    
    Beating back biggest risk -- 'inside job'
    By Jim Kerstetter, PC Week
    January 15, 1999 4:50 PM PT
    http://www.zdnet.com/zdnn/stories/news/0,4586,383857,00.html
    
    IT administrators have long been aware of internal data security threats
    but have had little ammunition to combat them. 
    
    At the RSA Data Security Conference in San Jose, Calif., next week, two
    small companies will address an obvious weakness in enterprise security: 
    the ability of disgruntled employees -- or hackers armed with employee
    passwords -- to gain access to sensitive data. 
    
    With new software from Shym Technology Inc. and Network-1 Security
    Solutions Inc., companies that have focused on building a virtual fortress
    around their networks will now be able to ensure that people already
    inside don't go where they shouldn't -- either accidentally or
    maliciously. 
    
    "Internal security is obviously an area we spend a great deal of time
    with," said Neal Fuerst, a security analyst at a Southwestern
    manufacturing company. "The dollar values associated with a loss like that
    would be astronomical in our environment." 
    
    Network-1, of Wellesley, Mass., will discuss at the RSA conference
    CyberwallPlus, a suite of applications that includes CyberwallPlus VPN, a
    network-to-network virtual private network;  CyberwallPlus-AP, which
    protects any communications protocol inside the enterprise; and
    CyberwallPlus-IP, a traditional external firewall. 
    
    Hidden protection 
    
    CyberwallPlus-AP, in particular, addresses internal security concerns.  It
    is a packet inspection engine that can sit anywhere inside a network and
    support multiple network protocols. It has no IP address, so it is hidden
    from attack, and it can block important company data, such as financial
    information, from the rest of the enterprise. It also detects activities
    such as untrusted users trying to connect to trusted parts of the network
    or users moving large files out of secure areas.
    
    "You can put an internal firewall in between your critical servers and
    everyone else," said Mike Waldenberger, a technologist at Tessco
    Technologies Inc., in Hunt Valley, Md., which is implementing
    CyberwallPlus-AP. "It's another layer of access that says some people can
    go in there and some people cannot." 
    
    CyberwallPlus VPN is $5,995, CyberwallPlus-AP costs $4,995 and
    CyberwallPlus-IP is $1,995. They will ship in the first half of the year. 
    
    Shym, of Needham, Mass., is trying to make it easier for administrators to
    hook a PKI (public-key infrastructure) into existing enterprise
    applications, including SAP AG's R/3 suite, PeopleSoft Inc.'s enterprise
    applications, Documentum Inc.'s document management applications and Lotus
    Development Corp.'s Notes. 
    
    Access control
    
    By tying a PKI into enterprise applications, administrators can improve
    access control while opening internal data to business partners. The Shym
    PKEnable product suite includes the Shym Integration Layer, the Shym
    Provider Interface and the PKEnable server. It will be available in April;
    a pilot package for as many as 100 users is $10,000. 
    
    Administrators say there's no question that internal risks far outweigh
    external security concerns. FBI statistics back that conclusion. A survey
    of Fortune 500 companies conducted last year found that most data thefts
    came from internal users. 
    
    Policy can help. At Fuerst's company, confidential data that leaves the
    building on laptops must be encrypted using a PKI from Entrust
    Technologies Inc. Some data is considered so confidential that it must be
    encrypted whenever it is not being viewed on a screen. 
    
    Internal threats

    Waldenberger said he's never seen an external attack do much damage. But
    internal threats are another story, and any technology that would prevent
    them is a help. 
    
    "The biggest problem is they lay off an employee and then they don't walk
    them to the door," he said.  "They let them sit there for a week and think
    about what happened." 
    