Read about the effort by federal agencies to share critical data more widely while still keeping it secure: Feds face challenge of balancing data access and security
IT 'Big Brothers' trying to keep internal users under control
Activity-monitoring tools may be able to help stop rogue insiders from compromising data. But they aren't being widely adopted yet.
Computerworld - When it comes to protecting his company's data, Tom Scocca doesn't mind that he might be seen as something of a Big Brother by internal end users.
Scocca, who is a global security consultant at a large company that supplies products to the semiconductor industry, thinks that threats from within businesses require as much attention from security managers as external threats do.
So in addition to the usual network perimeter defenses, Scocca has put monitoring tools on end-user PCs and internal networks to help guard against inadvertent or malicious data breaches.
"There is a bit of a Big Brother syndrome attached to it," he acknowledged. But IT managers need to get over their trepidation about being called snoops, added Scocca, who asked that his employer not be named.
"These tools are not there to spy on people," he said. Rather, they're designed to "make sure the things that keep the revenues rolling in aren't compromised."
The issue of rogue insiders surfaced in a high-profile way last month, when the U.S. Department of State disclosed that three contract workers with access to its systems had improperly viewed the passport records of presidential candidates Hillary Clinton, John McCain and Barack Obama. The activities of the contractors were detected by a security-monitoring system designed to alert administrators whenever flagged passport files are accessed.
But technologies that can keep a close eye on the activities of internal users have yet to be widely adopted. For example, Gartner Inc. analyst John Pescatore estimates that less than 30% of Fortune 5,000 companies have installed such tools.
The lack of active monitoring of end users is a big reason why some insiders have been able to pull off spectacular data heists without getting caught -- at least not right away.
A prime example is the case of Gary Min, a former research scientist at DuPont who in 2005 downloaded about 22,000 document abstracts containing confidential information about most of the company's major products. Min was caught only after he gave his notice; at that point, an internal investigation showed that he had accessed about 15 times more data than the next-highest user of DuPont's electronic document library.
In another prominent insider case, Certegy Check Services Inc. disclosed last summer that a database administrator had sold the personal and financial information of 8.5 million consumers to data brokers over a five-year period. The check-processing firm didn't nab the DBA until a retailer reported a link between check transactions and marketing solicitations that some of its customers had received.
- The Truth About Cloud Security "Security" is the number one issue holding business leaders back from the cloud. But does the reality match the perception?
- Enable secure remote access to 3D data without sacrificing visual perfomance Design and manufacturing companies must adapt quickly to the demands of an increasingly global and competitive economy. To speed time to market for...
- Virtually Delivered High Performance 3D Graphics "A picture is worth a thousand words." That old phrase is as true today as it ever was. Pictures (i.e., those with heavy...
- Best Practices for Securing Hadoop Historically, Apache Hadoop has provided limited security capabilities. To protect sensitive data being stored and analyzed in Hadoop, security architects should use a...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!