Read about the effort by federal agencies to share critical data more widely while still keeping it secure: Feds face challenge of balancing data access and security
IT 'Big Brothers' trying to keep internal users under control
Activity-monitoring tools may be able to help stop rogue insiders from compromising data. But they aren't being widely adopted yet.
Computerworld - When it comes to protecting his company's data, Tom Scocca doesn't mind that he might be seen as something of a Big Brother by internal end users.
Scocca, who is a global security consultant at a large company that supplies products to the semiconductor industry, thinks that threats from within businesses require as much attention from security managers as external threats do.
So in addition to the usual network perimeter defenses, Scocca has put monitoring tools on end-user PCs and internal networks to help guard against inadvertent or malicious data breaches.
"There is a bit of a Big Brother syndrome attached to it," he acknowledged. But IT managers need to get over their trepidation about being called snoops, added Scocca, who asked that his employer not be named.
"These tools are not there to spy on people," he said. Rather, they're designed to "make sure the things that keep the revenues rolling in aren't compromised."
The issue of rogue insiders surfaced in a high-profile way last month, when the U.S. Department of State disclosed that three contract workers with access to its systems had improperly viewed the passport records of presidential candidates Hillary Clinton, John McCain and Barack Obama. The activities of the contractors were detected by a security-monitoring system designed to alert administrators whenever flagged passport files are accessed.
But technologies that can keep a close eye on the activities of internal users have yet to be widely adopted. For example, Gartner Inc. analyst John Pescatore estimates that less than 30% of Fortune 5,000 companies have installed such tools.
The lack of active monitoring of end users is a big reason why some insiders have been able to pull off spectacular data heists without getting caught -- at least not right away.
A prime example is the case of Gary Min, a former research scientist at DuPont who in 2005 downloaded about 22,000 document abstracts containing confidential information about most of the company's major products. Min was caught only after he gave his notice; at that point, an internal investigation showed that he had accessed about 15 times more data than the next-highest user of DuPont's electronic document library.
In another prominent insider case, Certegy Check Services Inc. disclosed last summer that a database administrator had sold the personal and financial information of 8.5 million consumers to data brokers over a five-year period. The check-processing firm didn't nab the DBA until a retailer reported a link between check transactions and marketing solicitations that some of its customers had received.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts