[ISN] Beating back biggest risk -- 'inside job'

From: mea culpa <jericho_at_dimensional.com>
Date: Thu 21 Jan 1999 - 14:02:25 CST
Forwarded From: darek milewski <darekm@cmeasures.com>

Beating back biggest risk -- 'inside job'
By Jim Kerstetter, PC Week
January 15, 1999 4:50 PM PT
http://www.zdnet.com/zdnn/stories/news/0,4586,383857,00.html

IT administrators have long been aware of internal data security threats
but have had little ammunition to combat them. 

At the RSA Data Security Conference in San Jose, Calif., next week, two
small companies will address an obvious weakness in enterprise security: 
the ability of disgruntled employees -- or hackers armed with employee
passwords -- to gain access to sensitive data. 

With new software from Shym Technology Inc. and Network-1 Security
Solutions Inc., companies that have focused on building a virtual fortress
around their networks will now be able to ensure that people already
inside don't go where they shouldn't -- either accidentally or
maliciously. 

"Internal security is obviously an area we spend a great deal of time
with," said Neal Fuerst, a security analyst at a Southwestern
manufacturing company. "The dollar values associated with a loss like that
would be astronomical in our environment." 

Network-1, of Wellesley, Mass., will discuss at the RSA conference
CyberwallPlus, a suite of applications that includes CyberwallPlus VPN, a
network-to-network virtual private network;  CyberwallPlus-AP, which
protects any communications protocol inside the enterprise; and
CyberwallPlus-IP, a traditional external firewall. 

Hidden protection 

CyberwallPlus-AP, in particular, addresses internal security concerns.  It
is a packet inspection engine that can sit anywhere inside a network and
support multiple network protocols. It has no IP address, so it is hidden
from attack, and it can block important company data, such as financial
information, from the rest of the enterprise. It also detects activities
such as untrusted users trying to connect to trusted parts of the network
or users moving large files out of secure areas.

"You can put an internal firewall in between your critical servers and
everyone else," said Mike Waldenberger, a technologist at Tessco
Technologies Inc., in Hunt Valley, Md., which is implementing
CyberwallPlus-AP. "It's another layer of access that says some people can
go in there and some people cannot." 

CyberwallPlus VPN is $5,995, CyberwallPlus-AP costs $4,995 and
CyberwallPlus-IP is $1,995. They will ship in the first half of the year. 

Shym, of Needham, Mass., is trying to make it easier for administrators to
hook a PKI (public-key infrastructure) into existing enterprise
applications, including SAP AG's R/3 suite, PeopleSoft Inc.'s enterprise
applications, Documentum Inc.'s document management applications and Lotus
Development Corp.'s Notes. 

Access control

By tying a PKI into enterprise applications, administrators can improve
access control while opening internal data to business partners. The Shym
PKEnable product suite includes the Shym Integration Layer, the Shym
Provider Interface and the PKEnable server. It will be available in April;
a pilot package for as many as 100 users is $10,000. 

Administrators say there's no question that internal risks far outweigh
external security concerns. FBI statistics back that conclusion. A survey
of Fortune 500 companies conducted last year found that most data thefts
came from internal users. 

Policy can help. At Fuerst's company, confidential data that leaves the
building on laptops must be encrypted using a PKI from Entrust
Technologies Inc. Some data is considered so confidential that it must be
encrypted whenever it is not being viewed on a screen. 

Internal threats

Waldenberger said he's never seen an external attack do
much damage. But internal threats are another story, and any technology
that would prevent them is a help. 

"The biggest problem is they lay off an employee and then they don't walk
them to the door," he said.  "They let them sit there for a week and think
about what happened." 

-o-
Subscribe: mail majordomo@repsec.com with "subscribe isn".
Today's ISN Sponsor: Internet Security Institute [www.isi-sec.com]
Received on Thu Mar 11 17:06:48 1999